Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Windows.

  1. For Microsoft Exchange, open the Exchange Admin Center.

  2. Go to Mail flow > Receive connectors.

  3. Select each connector and verify the Permission groups do not include Anonymous users for relay.

  4. For IIS SMTP service, open IIS 6 Manager.

  5. Select the SMTP Virtual Server, right-click and select Properties.

  6. On the Access tab, click Relay, and set relay restrictions to allow only specific IP addresses.

Back to top