f you have an Exchange 2007 or Exchange 2010 server and you discover that you are an Open Relay, there is a very simple command that you can run from the Exchange Management Shell to close this down.
\nThe command is:
\nGet-ReceiveConnector \u201cYourReceiveConnectorName\u201d | Remove-ADPermission -User \u201cNT AUTHORITY\\ANONYMOUS LOGON\u201d -ExtendedRights \u201cms-Exch-SMTP-Accept-Any-Recipient\u201d
\nReplace \u201cYourReceiveConnector\u201d with the name of your Receive Connector and then run the command.
\nTo test if you are an open relay, you can visit MXToolbox or Mailradar.
\nIf you want to check to see if you are allowing \u201cms-Exch-SMTP-Accept-Any-Recipient\u201d on any Receive Connector for Anonymous Users, run the following command from the Exchange Management Shell:
\nGet-ReceiveConnector | Get-ADPermission | where {($_.ExtendedRights -like \u201c*SMTP-Accept-Any-Recipient*\u201d)} | where {$_.User -like \u2018*anonymous*\u2019} | ft identity,user,extendedrights
\n08\/04\/2014 Update \u2013 If you still have a problem after modifying your receive connector(s) accordingly, please make sure you or someone else hasn\u2019t installed the SMTP Service on the Exchange Server. I was emailed about such a problem with an Exchange 2010 server the other day and the having stopped ALL of the Exchange Services the server was STILL an Open Relay. With a quick NETSTAT command to see what was listening on port 25, I soon discovered the SMTP service was present and enabled. Having disabled the service and restarting all the Exchange Services, the Open Relay problem disappeared immediately.<\/p>\n","protected":false},"excerpt":{"rendered":"
f you have an Exchange 2007 or Exchange 2010 server and you discover that you are an Open Relay, there is a very simple command that you can run from the Exchange Management Shell to close this down. The command is: Get-ReceiveConnector \u201cYourReceiveConnectorName\u201d | Remove-ADPermission -User \u201cNT AUTHORITY\\ANONYMOUS LOGON\u201d -ExtendedRights \u201cms-Exch-SMTP-Accept-Any-Recipient\u201d Replace \u201cYourReceiveConnector\u201d with the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3565"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3565"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3565\/revisions"}],"predecessor-version":[{"id":3566,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/3565\/revisions\/3566"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}