This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only
Toggle-ExternalRelayReceiveConnectors
[ps]
C:\_tmp>.\Toggle-ExternalRelayReceiveConnectors.ps1
Toggle External Relay
1 – SRV-EXCH2\Client Frontend EXSERVER1
2 – SRV-EXCH2\Default Frontend EXSERVER1
3 – SRV-EXCH2\Outbound Proxy Frontend EXSERVER1
X – Exit
Which Receive Connector to toggle:
[/ps]
This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only allow SMTP emails to internal recipients. Run this script from the Exchange Management Shell.
See my blog for more information: http://www.expta.com/2016/01/turn-exchange-anonymous-relay-on-or-off.html
Thanks to Jeff Guillet
https://gallery.technet.microsoft.com/Turn-Exchange-Anonymous-5bed81a4
[ps]
<# .SYNOPSIS Allows Exchange Admins to toggle anonymous external relay settings on frontend Receive Connectors. Author/Copyright: Jeff Guillet, MCSM|MVP – All rights reserved Email/Blog/Twitter: jeff@expta.com | www.expta.com | @expta THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER. .NOTES Version 1.0, January 6, 2016 Revision History ——————————————————————— 1.0 Initial release .DESCRIPTION Allows Exchange Admins to toggle anonymous external relay permissions on frontend Receive Connectors. Receive Connectors listed in yellow allow anonymous external relay. This script must be run from the Exchange Management Shell. .LINK http://www.expta.com/2016/01/turn-exchange-anonymous-relay-on-or-off.html .EXAMPLE PS C:\>Toggle-ExternalRelayReceiveConnectors.ps1
The script will list all Receive Connectors in the organization. Connectors listed in Yellow allow anonymous emails to any recipient. Connectors listed in White only allow emails to recipients within the organization.
Select the number of the Receive Connector to toggle or ‘X’ to quit.
#>
# Get collection of Frontend Transport Receive Connectors
$RCColl = Get-ReceiveConnector | Sort-Object -Property Identity | where {$_.TransportRole -eq "FrontendTransport"} | Select Id
# Create an array of the connectors
$RCArray = @()
foreach ($rc in $RCColl) {
$RCArray += $rc
}
$RCCount = $RCArray.Count
do {
Write-Host
Write-Host "Toggle External Relay" -ForegroundColor White
Write-Host
# List all each FE Receive Connectors
for ($i = 1; $i -le $RCCount; $i++) {
# Check to see if Anonymous/ms-Exch-SMTP-Accept-Any-Recipient is already set
if (Get-ReceiveConnector $RCArray[$i – 1].Id | Get-ADPermission -User "NT Authority\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Recipient"}) {
$color = "Yellow"
}
else {
$color = "White"
}
Write-Host ("{0,3} – {1}" -f $i, $RCArray[$i – 1].Id) -ForegroundColor $color
}
Write-Host " X – Exit" -ForegroundColor Red
Write-Host
do {
$choice = Read-Host "Which Receive Connector to toggle"
$ok = $false
if ($choice -eq "x" -or $choice -eq "X") { Exit }
$ErrorActionPreference = "SilentlyContinue"
$choice = [int]$choice
if ($choice -gt 0 -and $choice -le $RCCount) { $ok = $true }
if ( -not $ok) { Write-Host "* Invalid selection *" -ForegroundColor Red }
} until ( $ok )
# Toggle Anonymous/ms-Exch-SMTP-Accept-Any-Recipient on or off
Write-Host "Processing:" $RCArray[$choice – 1].Id -ForegroundColor Green
if (Get-ReceiveConnector $RCArray[$choice – 1].Id | Get-ADPermission -User "NT Authority\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Recipient"}) {
Write-Host "Turning external relay OFF" -ForegroundColor White
Get-ReceiveConnector $RCArray[$choice – 1].Id | Remove-ADPermission –User "NT Authority\Anonymous Logon" –ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient -Confirm:$False
}
else {
Write-Host "Turning external relay ON" -ForegroundColor Yellow
Get-ReceiveConnector $RCArray[$choice – 1].Id | Add-ADPermission –User "NT Authority\Anonymous Logon" –ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient #,ms-Exch-Bypass-Anti-Spam
}
} until ( $quit )
[/ps]
Home