locked
Enumerate SMTP Relay restriction list RRS feed

  • Question

  • Hi guys,
    I'd like to know how can I enumerate, via scripts or other tool, the list of IP addresses
    allowed on the SMTP Relay Restriction list. I can access it manually, but there are so many
    address on it...
    Someone could help me?
    Thanks,
    Marcelo.
    Marcelo Braga -- Um discipulo de Jesus -- MCT/ MCSA/ MCITP/ MCTS Exchange 2007.
    Wednesday, February 18, 2009 9:55 PM

Answers

  • Hi Marcelo,

    I found a kb artical that tells you how to do it for exchange 2003.  It's by using a script called IPSec.vbs, weird name seeming we are not dealing with the IPSec protocol itself.

    I found it by google searching "export SMTP Relay Restriction list exchange 2003", it came up as the first link.

    http://support.microsoft.com/kb/935635

    Let me know if this works for you.

    Best of luck.
    Clint Boessen MCSE, MCITP: Messaging

    L7 Solutions, Microsoft Gold Partner
    Perth, Western Australia
    Sunday, March 1, 2009 5:08 AM

All replies

  •  You didnt specify the version of exchange.  For ex2007 you need, this needs to be done on an edge transport or a hub transport that have had the anti-spam roles installed via the powershell script that comes with exchange.

    You can then get this information by simply typing in exchange management shell:
    Get-IPBlockListEntry

    for your RBL's use Get-IPBlockListProvider

    To pipe it to a text file use Get-IPBlockListEntry > c:\myblockedips.txt
    Clint Boessen MCSE, MCITP: Messaging

    L7 Solutions, Microsoft Gold Partner
    Perth, Western Australia
    • Proposed as answer by Clint Boessen Thursday, February 19, 2009 8:28 AM
    Thursday, February 19, 2009 8:27 AM
  • I'm sorry. The version is 2003, and I'm using the White List...
    If you can help me...
    Thanks for the tips for Exch2007. ;-)
    Marcelo.
    Marcelo Braga -- Um discipulo de Jesus -- MCT/ MCSA/ MCITP/ MCTS Exchange 2007.
    Thursday, February 19, 2009 12:02 PM
  • Hi Marcelo,

    I found a kb artical that tells you how to do it for exchange 2003.  It's by using a script called IPSec.vbs, weird name seeming we are not dealing with the IPSec protocol itself.

    I found it by google searching "export SMTP Relay Restriction list exchange 2003", it came up as the first link.

    http://support.microsoft.com/kb/935635

    Let me know if this works for you.

    Best of luck.
    Clint Boessen MCSE, MCITP: Messaging

    L7 Solutions, Microsoft Gold Partner
    Perth, Western Australia
    Sunday, March 1, 2009 5:08 AM
  • Perfect!
    Thank Clint.

    Have a nice weekend.

    Marcelo.


    Dicas e truques Windows Server Blog: http://WindowsServer-AD.blogspot.com
    Marcelo Braga -- Um discipulo de Jesus -- MCT/ MCSA/ MCITP/ MCTS Exchange 2007. http://WindowsServer-AD.blogspot.com
    Sunday, March 1, 2009 7:17 AM
  • Hi Marcelo:

    This information can also be found through ADSIEdit.

    1. Open ADSIEdit and connect to a domain controller.
    2. Open the Configuration Container.
    3. Navigate to the following location:
      Configuration/Services/Microsoft Exchange/ <Your Organization>/ Administrative Groups/<Your Administrative Group>/Servers/ <Your Exchange Server>/Protocols/SMTP/ <Your Virtual Server Number>
    4. Right-click the virtual server object, and then click Properties.
    5. In the Attribute Editor tab, scroll down to msExchSmtpRelayIpList and double-click or press the View button.
    6. Change the value format to Decimal, then copy everything listed under "Value:"
    7. Paste this data into Notepad with Word Wrap turned ON.
    8. Collapse the right-side border of Notepad until the text is displayed in 4 columns of 3-digit numbers.
    9. Save the text file -- this will lock the row break you just created with you word wrap.
    10. Look at the data in your text file -- the first 20 rows or so are not part of the SMTP relay information, up to where you see 255 255 255 255 -- the next row starting after that should correspond to the first IP address listed in your SMTP relay list.
    11. Copy from that row to the bottom and paste into Microsoft Excel.
    12. Select the Data tab, Text to Columns function, Fixed Width.  This will get each of your octets into its own cell.
    13. Filter, remove blank rows from your data.
    14. Assuming your octet data is in the first 4 columns of the spreadsheet (columns A-D), paste the following formula into column F:

      =A1&"."&B1&"."&C1&"."&D1

    15. This will convert the 4 columns into a single readable IP address in cell F1.  You can then copy this formula down the list of rows and voilà!  You have a perfectly readable listing of all your SMTP relay addresses.

     

    These locations within ADSIEdit can be saved as Favorites in the MMC console, so you can easily go back to these locations for any of your Exchange servers (they can have different SMTP relay lists), and by copying the same data into Notepad and formatting it properly as before, if you still have your spreadsheet with the formulas already created, the data will paste in pre-delimited and you can quickly generate an updated SMTP Relay list.

     

    -Chris Jones

    • Proposed as answer by wasteddread Tuesday, May 31, 2011 5:32 PM
    Tuesday, May 31, 2011 5:29 PM