May 14 2020 07:18 AM
Hi All
Is there a quick way I can find all receive connectors in my exchange organization that are capable of sending email externally?
Appreciate any advice...
May 14 2020 02:22 PM
Solution
If you want to find which send connectors are open relays, you can try the following:
Get-ReceiveConnector | Get-ADPermission | Where {$_.User -Like '*anon*' -And $_.ExtendedRights -Like 'ms-Exch-SMTP-Accept-Any-Recipient'} | ft Identity, User, ExtendedRights
May 15 2020 01:43 AM
May 19 2020 07:31 AM
Hi again...
Quick one....was wondering is this the only and most accurate way to determine whether a connector can relay email externally.
The reason I ask is that I ran that command you suggested and it returned my connectors that are external relays but then I found another system that was connecting to another connector (not part of the list returned by your command) which I thought was not capable of relaying email outside but it turns out it can. Hence I am confused.
May 19 2020 09:10 AM
This is the best way as far as I am aware, but obviously this has missed a connector. I can run through my notes and see if I can find something more accurate.
Thanks,
Mark
May 21 2020 07:20 AM
May 21 2020 02:09 PM
Nothing in my notes I'm afraid - will try to dig deeper into it at some point but I'm pretty smashed at the moment.
May 14 2020 02:22 PM
Solution
If you want to find which send connectors are open relays, you can try the following:
Get-ReceiveConnector | Get-ADPermission | Where {$_.User -Like '*anon*' -And $_.ExtendedRights -Like 'ms-Exch-SMTP-Accept-Any-Recipient'} | ft Identity, User, ExtendedRights