Forum Discussion

yikes123's avatar
yikes123
Copper Contributor
Jan 13, 2024

Exchange 2019 test shows I'm open relay

I have an Exchange 2019 hybrid environment.  A recent test using the usual telnet to exchange and sending an email from outside to outside shows I'm open relay.  I look at the default frontend server receive connector and I do not have the 'all ip' range in there.   Is there a way to test or see the logs to see which receive connector the open relay is referencing?  I need to be able to configure it so it is no open relay.  Thanks.

  • Run the following command to list all receive connectors and their properties:

    Get-ReceiveConnector | Format-List Identity,PermissionGroups,RemoteIPRanges

    Ensure that the RemoteIPRanges property for each receive connector is appropriately configured.
    You can modify the IP ranges using the Set-ReceiveConnector cmdlet.
    • yikes123's avatar
      yikes123
      Copper Contributor
      Thanks. Should I only be looking for the connectors that are port 25 since that's smtp?
      Default Frontend [server] port 25 has custom ip ranges
      Client Frontend [server] port 587 has all remote ranges
      Client Proxy [server] port 465 has all remote ranges
      Default [server] port 2525 has all remote ranges
      Outbound Proxy Frontend [server] port 717 has all remote ranges.

      Which one should I be suspecting?

Resources