Fetch remote SMTP servers connecting to Exchange

Last Updated 2023-06-19

Exchange Server 2010Exchange Server 2013Exchange Server 2016Exchange Server 2019PowerShellDescription

When migrating to a new version of Exchange Servers, you must move your internal SMTP relay endpoints. This can be challenging as application owners mostly ignore your requests for such changes. 

You can use the information in the receive connector log files to identify remote clients (MTAs / MTUs) connecting to the legacy infrastructure. The assumption is that protocol logging is enabled. You can easily active protocol logging across all receive connectors for a single server using the following EMS PowerShell one-liner:

Get-ReceiveConnector -Server EX01 | Set-ReceiveConnector -ProtocolLoggingLevel Verbose

The script searches the log files for the connection’s EHLO response which contains the remote name or remote IP address of the system connecting to the receive connector.

You can either search

  • Legacy Exchange Servers (aka Exchange Server 2010)
  • Modern Exchange Servers 
    • Frontend Transport
      or
    • Backend Transport (aka Hub Transport)

For more information, read the readme file on GitHub.

Note

You need to adjust the log file path to suit your IT infrastructure. The next release will contain a more automatic solution.

Examples

# Search legacy Exchange servers SMTP receive log files for the last 4 days 
# and save search results in a single CSV file

.\Get-RemoteSmtpServers.ps1 -Servers SRV01,SRV02 -LegacyExchange -AddDays -4 -ToCsv

Version History

  • 1.0, Initial community release 
  • 1.1, Fixed Issue #2
  • 1.2 Minor PowerShell hygiene
  • 1.3 IP address, connector name, and IP uniqueness added

Links

Follow

%d Bloggern gefällt das: