Exchange 2013 Open Relay fix

Open relay is a very bad thing for messaging servers on the Internet. Messaging servers that are accidentally or intentionally configured as open relays allow mail from any source to be transparently re-routed through the open relay server. This behavior masks the original source of the messages, and makes it look like the mail originated from the open relay server. Open relay servers are eagerly sought out and used by spammers, so you never want your messaging servers to be configured for open relay.

The following EMS one-liner is useful to determine which receive connectors in the organization are open relay connectors.
Get Permissions
Get-ReceiveConnector | Get-ADPermission -User “NT Authority\Anonymous Logon” | Where-Object {$_.ExtendedRights -like “ms-Exch-SMTP-Accept-Any-Recipient”} | Format-List Identity,ExtendedRights
If any connector returns having these permissions then perform the following command.
Remove Permissions
Get-ReceiveConnector “Default Frontend MAIL1” | remove-ADPermission -User “NT Authority\Anonymous Logon” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”
Replace the connector name with yours.
Add Permissions
Get-ReceiveConnector “Default Frontend MAIL1” | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “Ms-Exch-SMTP-Accept-Any-Recipient”
To check out your current config on the Frontend* connectors
Get-ReceiveConnector -Identity “Default Frontend*” |  Format-List
Set the Recipient Filter to enable Recipient filtering.
Set Recipient Filter $true
Set-RecipientFilterConfig -Enabled $true
Get-RecipientFilterConfig

Leave a Reply