Hi
I've inherited an Exchange 2013 server that is acting as an open relay. I've looked at the connectors for send and receive and I can't see why it would allow relay to happen. Any hints?
Send Connector:
AddressSpaces : {SMTP:*;1}
AuthenticationCredential :
CloudServicesMailEnabled : False
Comment :
ConnectedDomains : {}
ConnectionInactivityTimeOut : 00:10:00
DNSRoutingEnabled : True
DomainSecureEnabled : False
Enabled : True
ErrorPolicies : Default
ForceHELO : False
Fqdn :
FrontendProxyEnabled : False
HomeMTA : Microsoft MTA
HomeMtaServerId : KRYSTALMX
Identity : Internet
IgnoreSTARTTLS : False
IsScopedConnector : True
IsSmtpConnector : True
MaxMessageSize : 35 MB (36,700,160 bytes)
Name : Internet
Port : 25
ProtocolLoggingLevel : None
RequireOorg : False
RequireTLS : False
SmartHostAuthMechanism : None
SmartHosts : {}
SmartHostsString :
SmtpMaxMessagesPerConnection : 20
SourceIPAddress : 0.0.0.0
SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers : {KRYSTALMX}
TlsAuthLevel :
TlsCertificateName :
TlsDomain :
UseExternalDNSServersEnabled : TrueReceive Connectors:
RunspaceId : f896b683-39f9-4123-b026-e7c106cf7210
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.1.4:2525}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : krystalmx.krystal.local
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : Unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 35 MB (36,700,160 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : KRYSTALMX
TransportRole : HubTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Default Exchange2013
DistinguishedName : CN=Default Exchange2013,CN=SMTP Receive
Connectors,CN=Protocols,CN=KRYSTALMX,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Krystal,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=krystal,DC=local
Identity : KRYSTALMX\Default Exchange2013
Guid : bc55ad7a-6265-4022-96d4-4ab4c48e88d9
ObjectCategory : krystal.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 24/01/2015 09:39:43
WhenCreated : 24/01/2015 09:39:30
WhenChangedUTC : 24/01/2015 09:39:43
WhenCreatedUTC : 24/01/2015 09:39:30
OrganizationId :
Id : KRYSTALMX\Default Exchange2013
OriginatingServer : KrystalDC.krystal.local
IsValid : True
ObjectState : Unchanged
RunspaceId : f896b683-39f9-4123-b026-e7c106cf7210
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.1.4:465}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : krystalmx.krystal.local
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : Unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 35 MB (36,700,160 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers, ExchangeServers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : KRYSTALMX
TransportRole : HubTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : ClientProxy Exchange2013
DistinguishedName : CN=ClientProxy Exchange2013,CN=SMTP Receive
Connectors,CN=Protocols,CN=KRYSTALMX,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Krystal,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=krystal,DC=local
Identity : KRYSTALMX\ClientProxy Exchange2013
Guid : 2255a890-0067-47ab-b15d-b58519bcccb3
ObjectCategory : krystal.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 24/01/2015 09:40:50
WhenCreated : 24/01/2015 09:40:49
WhenChangedUTC : 24/01/2015 09:40:50
WhenCreatedUTC : 24/01/2015 09:40:49
OrganizationId :
Id : KRYSTALMX\ClientProxy Exchange2013
OriginatingServer : KrystalDC.krystal.local
IsValid : True
ObjectState : Unchanged
RunspaceId : f896b683-39f9-4123-b026-e7c106cf7210
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.1.4:25}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : KRYSTALMX
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : Unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 35 MB (36,700,160 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : AnonymousUsers, ExchangeServers, ExchangeLegacyServers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : KRYSTALMX
TransportRole : FrontendTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Default Frontend Exchange2013
DistinguishedName : CN=Default Frontend Exchange2013,CN=SMTP Receive
Connectors,CN=Protocols,CN=KRYSTALMX,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Krystal,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=krystal,DC=local
Identity : KRYSTALMX\Default Frontend Exchange2013
Guid : 56733f09-ae32-4f45-91be-bf51fb6a3046
ObjectCategory : krystal.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 03/02/2015 10:21:30
WhenCreated : 24/01/2015 11:12:08
WhenChangedUTC : 03/02/2015 10:21:30
WhenCreatedUTC : 24/01/2015 11:12:08
OrganizationId :
Id : KRYSTALMX\Default Frontend Exchange2013
OriginatingServer : KrystalDC.krystal.local
IsValid : True
ObjectState : Unchanged
RunspaceId : f896b683-39f9-4123-b026-e7c106cf7210
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.1.4:717}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : krystalmx.krystal.local
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : Unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 35 MB (36,700,160 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers, ExchangeServers, ExchangeLegacyServers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : KRYSTALMX
TransportRole : FrontendTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Outbound Proxy Frontend Exchange2013
DistinguishedName : CN=Outbound Proxy Frontend Exchange2013,CN=SMTP Receive
Connectors,CN=Protocols,CN=KRYSTALMX,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Krystal,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=krystal,DC=local
Identity : KRYSTALMX\Outbound Proxy Frontend Exchange2013
Guid : bd749317-68c5-4b4d-b401-166e7fac3b92
ObjectCategory : krystal.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 03/02/2015 13:51:43
WhenCreated : 24/01/2015 11:13:12
WhenChangedUTC : 03/02/2015 13:51:43
WhenCreatedUTC : 24/01/2015 11:13:12
OrganizationId :
Id : KRYSTALMX\Outbound Proxy Frontend Exchange2013
OriginatingServer : KrystalDC.krystal.local
IsValid : True
ObjectState : Unchanged
RunspaceId : f896b683-39f9-4123-b026-e7c106cf7210
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Banner :
BinaryMimeEnabled : True
Bindings : {192.168.1.4:587}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : krystalmx.krystal.local
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : Unlimited
MessageRateSource : IPAddress
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 35 MB (36,700,160 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : None
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : False
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : KRYSTALMX
TransportRole : FrontendTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Client Frontend Exchange2013
DistinguishedName : CN=Client Frontend Exchange2013,CN=SMTP Receive
Connectors,CN=Protocols,CN=KRYSTALMX,CN=Servers,CN=Exchange Administrative
Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Krystal,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=krystal,DC=local
Identity : KRYSTALMX\Client Frontend Exchange2013
Guid : 52f3d6e9-5a79-4055-8d39-61235bf3627e
ObjectCategory : krystal.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 24/01/2015 11:14:23
WhenCreated : 24/01/2015 11:14:23
WhenChangedUTC : 24/01/2015 11:14:23
WhenCreatedUTC : 24/01/2015 11:14:23
OrganizationId :
Id : KRYSTALMX\Client Frontend Exchange2013
OriginatingServer : KrystalDC.krystal.local
IsValid : True
ObjectState : Unchanged