Definitely only support ActiveSync devices. Blackberry devices can still connect using the Blackberry Internet Service (using the URL of OWA).
I would go ahead and disable the POP/IMAP services in Exchange as well as make sure the ports are blocked on the firewalls.
It's too bad you don't have Exchange 2007 of 2010--it gives you the ability to enforce lots of device settings such as device passwords (great for when the user loses their device and you want to prevent someone who finds it from having full access to their mailbox) or disable certain device features (such as the camera, removable memory slots, or the installation of certain programs). Also it gives you the remote wipe feature.
I want to say though that Exchange 2003 had that remote wipe capability as well, but I'm not 100% sure. I know it required downloading/installing a mobile device utility from Microsoft.