The easiest would be to run Get-RPCClientAccess, which returns all Exchange 2010 servers hosting MAPI Endpoints and all encryption levels as well as if the server carries MAPI client and/or public folder responsibility.
The output above may be a bit confusing, since the client MAPI end point is the cas server, however LON-MLT has CAS/HUB and mailbox roles installed on it. These are Exchange 2010 RTM servers only.
Let's contrast that with the exchange 2007 servers in the org.
Red-MBX-2007 is the client MAPI endpoint (mailbox server), RED-MBX-1/2 and LON-MLT all host Public folders only and as far as Exchange 2007 is concerned.
The next question may be, how do you know what versions of Exchange are deployed on each server – Glad you asked, Get-ExchangeServer to the rescue
Obviously you can specify specific Exchange servers on the command line to interrogate each server individually if you want to.