Turn Exchange Anonymous Relay On or Off or View Connector Status

This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only

Toggle-ExternalRelayReceiveConnectors 


C:\_tmp>.\Toggle-ExternalRelayReceiveConnectors.ps1

Toggle External Relay

1 - SRV-EXCH2\Client Frontend EXSERVER1
2 - SRV-EXCH2\Default Frontend EXSERVER1
3 - SRV-EXCH2\Outbound Proxy Frontend EXSERVER1
X - Exit

Which Receive Connector to toggle:

This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only allow SMTP emails to internal recipients. Run this script from the Exchange Management Shell.

See my blog for more information: http://www.expta.com/2016/01/turn-exchange-anonymous-relay-on-or-off.html

Thanks to Jeff Guillet

https://gallery.technet.microsoft.com/Turn-Exchange-Anonymous-5bed81a4

 

 

 <# .SYNOPSIS Allows Exchange Admins to toggle anonymous external relay settings on frontend Receive Connectors. Author/Copyright: Jeff Guillet, MCSM|MVP - All rights reserved Email/Blog/Twitter: jeff@expta.com | www.expta.com | @expta THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER. .NOTES Version 1.0, January 6, 2016 Revision History --------------------------------------------------------------------- 1.0 Initial release .DESCRIPTION Allows Exchange Admins to toggle anonymous external relay permissions on frontend Receive Connectors. Receive Connectors listed in yellow allow anonymous external relay. This script must be run from the Exchange Management Shell. .LINK http://www.expta.com/2016/01/turn-exchange-anonymous-relay-on-or-off.html .EXAMPLE PS C:\>Toggle-ExternalRelayReceiveConnectors.ps1 
 
The script will list all Receive Connectors in the organization. Connectors listed in Yellow allow anonymous emails to any recipient. Connectors listed in White only allow emails to recipients within the organization. 
 
Select the number of the Receive Connector to toggle or 'X' to quit. 
#> 
 
# Get collection of Frontend Transport Receive Connectors 
$RCColl = Get-ReceiveConnector | Sort-Object -Property Identity | where {$_.TransportRole -eq "FrontendTransport"} | Select Id 
 
# Create an array of the connectors 
$RCArray = @() 
foreach ($rc in $RCColl) { 
    $RCArray += $rc 
} 
 
$RCCount = $RCArray.Count 
 
do { 
    Write-Host 
    Write-Host "Toggle External Relay" -ForegroundColor White 
    Write-Host 
 
    # List all each FE Receive Connectors 
    for ($i = 1; $i -le $RCCount; $i++) { 
        # Check to see if Anonymous/ms-Exch-SMTP-Accept-Any-Recipient is already set 
        if (Get-ReceiveConnector $RCArray[$i - 1].Id | Get-ADPermission -User "NT Authority\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Recipient"}) { 
            $color = "Yellow" 
        } 
        else { 
            $color = "White" 
        } 
        Write-Host ("{0,3} - {1}" -f $i, $RCArray[$i - 1].Id) -ForegroundColor $color 
    } 
 
    Write-Host "  X - Exit" -ForegroundColor Red 
    Write-Host 
 
    do { 
        $choice = Read-Host "Which Receive Connector to toggle" 
        $ok = $false 
        if ($choice -eq "x" -or $choice -eq "X") { Exit } 
        $ErrorActionPreference = "SilentlyContinue" 
        $choice = [int]$choice 
        if ($choice -gt 0 -and $choice -le $RCCount) { $ok = $true } 
        if ( -not $ok) { Write-Host "* Invalid selection *" -ForegroundColor Red } 
    } until ( $ok ) 
 
    # Toggle Anonymous/ms-Exch-SMTP-Accept-Any-Recipient on or off 
    Write-Host "Processing:" $RCArray[$choice - 1].Id -ForegroundColor Green 
    if (Get-ReceiveConnector $RCArray[$choice - 1].Id | Get-ADPermission -User "NT Authority\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Recipient"}) { 
        Write-Host "Turning external relay OFF" -ForegroundColor White 
        Get-ReceiveConnector $RCArray[$choice - 1].Id | Remove-ADPermission –User "NT Authority\Anonymous Logon" –ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient -Confirm:$False 
    } 
    else { 
        Write-Host "Turning external relay ON" -ForegroundColor Yellow 
        Get-ReceiveConnector $RCArray[$choice - 1].Id | Add-ADPermission –User "NT Authority\Anonymous Logon" –ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient #,ms-Exch-Bypass-Anti-Spam 
    } 
} until ( $quit )
Posted on 12 de Outubro de 2017 by . This entry was posted in Code Snippets, Exchange, PowerShell. Bookmark the permalink.

Deixe um comentário

O seu endereço de email não será publicado. Campos obrigatórios marcados com *