SOLVED

Find receive connectors that can relay email externally - powershell

Steel Contributor

Hi All

 

Is there a quick way I can find all receive connectors in my exchange organization that are capable of sending email externally?

 

Appreciate any advice...

6 Replies
best response confirmed by Navishkar Sadheo (Steel Contributor)
Solution

Hi @Navishkar Sadheo 

 

If you want to find which send connectors are open relays, you can try the following:

 

Get-ReceiveConnector | Get-ADPermission | Where {$_.User -Like '*anon*' -And $_.ExtendedRights -Like 'ms-Exch-SMTP-Accept-Any-Recipient'} | ft Identity, User, ExtendedRights

 

 

@HidMov 

 

Hi again...

 

Quick one....was wondering is this the only and most accurate way to determine whether a connector can relay email externally.

 

The reason I ask is that I ran that command you suggested and it returned my connectors that are external relays but then I found another system that was connecting to another connector (not part of the list returned by your command) which I thought was not capable of relaying email outside but it turns out it can. Hence I am confused.

Hi @Navishkar Sadheo 

 

This is the best way as far as I am aware, but obviously this has missed a connector. I can run through my notes and see if I can find something more accurate.

 

Thanks,

Mark

@HidMov 

 

Hi Mark

Were you able to find anything?

Hi @Navishkar Sadheo 

 

Nothing in my notes I'm afraid - will try to dig deeper into it at some point but I'm pretty smashed at the moment.

1 best response

Accepted Solutions
best response confirmed by Navishkar Sadheo (Steel Contributor)
Solution

Hi @Navishkar Sadheo 

 

If you want to find which send connectors are open relays, you can try the following:

 

Get-ReceiveConnector | Get-ADPermission | Where {$_.User -Like '*anon*' -And $_.ExtendedRights -Like 'ms-Exch-SMTP-Accept-Any-Recipient'} | ft Identity, User, ExtendedRights

 

 

View solution in original post