Open relay in Microsoft Exchange 2010 (and 2007)

Amazingly there are still many companies out there today who still manage to forget to close off their Exchange server's native ability to provide a full open relay.

So just a quick note for you, a very easy way to make sure you aren't an open relay is to run the following command from the Exchange Management Shell.

Get-ReceiveConnector “ReceiveConnectorName” | Remove-ADPermission -User “NT AUTHORITYANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

Don't forget to replace ReceiveConnectorName with the name of your own receive connector.

That is it, couldn't be easier, don't let your system become a spammer!

There are a number of online tools that can help you to check the status of your server to see if you are an open relay or not, I typically use MXToolbox.

FILED IN