Solved

Anonymous relay issue

Posted on 2015-02-04
4
62 Views
Last Modified: 2015-02-05
I accidentally ran the exchange shell command to allow anonymous relay to the outside with the default frontend receive connector instead of one we created.  How do I go about removing those permissions?
0
Comment
Question by:Chris Rice
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40590001
Exactly what command did you run?

It is usually a matter of reversing it with something like remove-adpermissions or something like that, but without knowing what command you used, impossible to say further.

Simon.
0
 

Author Comment

by:Chris Rice
ID: 40590243
I ran this command Get-ReceiveConnector "Relay Connector" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40590384
In that case use the command Get-ReceiveConnector "Relay Connector" | Remove-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

I'm not sure how the above command you ran would have modified the default frontend connector though, as you've specified the receive connector named "Relay Connector" with that command.
0
 

Author Comment

by:Chris Rice
ID: 40591022
That was just an example that I found on google.  I couldn't remember the command that I ran off the top of my head.  Thanks.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question