Need to close exchange 2010 Open Relay HELP!

I have an emergent need with exchange 2010 acting as an open relay.  I have checked all the settings through the EMC and they look good.  I have issued the following command on all the receive connectors and it either remove the access or said there was no ACL.  Get-ReceiveConnector “Windows SBS Internet Receive SMSCORPVS0SBS” | Remove-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient” .  It is still showing it as open.  Any help please!
sidelogicIT ManagerAsked:
Who is Participating?
 
FarWestConnect With a Mentor Commented:
check this url to know about accepted domains and how its effect
http://technet.microsoft.com/en-us/library/bb124423.aspx

and this how you can change it
http://technet.microsoft.com/en-us/library/bb124745.aspx

good luck
0
 
sidelogicIT ManagerAuthor Commented:
the server has two receive connectors, the default and the Windows SBS Internet Receive.  Not sure which it is actually using as a relay.
0
 
JohnGrunwellCommented:
did you check the send connector this is what allows someone to send through your server
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Viral RathodConsultantCommented:
Since enabling anonymous relaying on the default receive connector is a huge security issue ,i have suggest you to create separate receive connector

Here is an article wrote by Akhater that will guide you through it step by step
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2666-Allow-relaying-on-Exchange-2007-Exchange-2010-in-4-easy-steps.html 
0
 
FarWestCommented:
you can check the accepted domains  value
0
 
sidelogicIT ManagerAuthor Commented:
I can telnet through the public IP to port 25 and send as anyone from any domain.  I need to stop this.  Where is the accepted domains value you are talking about?  What am I checking on the send connector?  It looks the same as all our other clients that are not open relay.
0
 
sidelogicIT ManagerAuthor Commented:
That was it.  Internal relay was setup with accepted domain of *
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.