Thursday, July 23, 2015

Dump SMTP Relay and Connection Info from IIS on 2003 via VBS

I had the need to pull all the SMTP related information from an old 2003 IIS server setup to do relaying. The specific information I was looking for was:
  • IPs allowed to Relay
  • IPs allowed to Connect
  • Domains and if they had any SmartHost setup
Obviously, pulling this information via the GUI was not practical - you can only view 5 Relay IPs at a time, 2 Connection IPs at a time, and you have to manually check each domain's properties to verify SmartHost information.

I was also unable to pull the information straight out of the Metabase Explorer, as I would still have to go to each domain separately, and then convert the Relay and Connection IPs from Hex.

I looked around, but was unable to locate a ready-to-use VBScript that gave me what I wanted. I did find a script here that dumped the IIS SMTP Relay IPs, so I started there and adapted to also get the Connection IPs (listed as IPSecurity). Then I found this site that detailed how to get the Domains and their settings. I added this to the script, and voila, I had what I wanted in a nice CSV file.

To run the script, copy the below into notepad, save as ExportIISSMTPSettings.vbs and run with the following command:
cscript ExportIISSMTPSettings.vbs > IISSMTPServerSettings.csv

'#####================================================================================
'## Title: ExportIISSMTPSettings.vbs
'##    
'## 
'#####================================================================================

Set objSMTP = GetObject("IIS://localhost/smtpsvc/1") 'Connect to the IIS Namespace, You can change the "smtpsvc/1" to fit your needs.
Set objRelayIpList = objSMTP.Get("RelayIpList") 'Get the RelayIPListObject
Set objIPSecurity = objSMTP.Get("IPSecurity") 'Get the IPSecurityObject

' *** Get Relay List
' GrantByDefault returns 0 when "only the list below" is set (false) and -1 when all except the list below is set(true)
Wscript.echo "Results will be display based on the Relay Restrictions Radio Buttion Selection"
Wscript.echo "  o Only the list below"
Wscript.echo "  o All Except the list below"
Wscript.echo "-------------"
If objRelayIpList.GrantByDefault = true Then
    Wscript.Echo "All except the list below :"
    Wscript.echo "-------------"
    objCurrentList = objRelayIpList.IPDeny
Else
    Wscript.Echo "Only the list below :"
    Wscript.echo "-------------"
    objCurrentList = objRelayIpList.IPGrant
End If
    count = 0
For Each objIP in objCurrentList
    Wscript.Echo objIP
    count = count + 1
Next
If count = 0 Then
    Wscript.Echo "There were no IP Addresses Found"
End If

' *** Get Connection Control List
Wscript.echo "Results will be display based on the Connection Control Radio Buttion Selection"
Wscript.echo "  o Only the list below"
Wscript.echo "  o All Except the list below"
Wscript.echo "-------------"
If objIPSecurity.GrantByDefault = true Then
    Wscript.Echo "All except the list below :"
    Wscript.echo "-------------"
    objCurrentList = objIPSecurity.IPDeny
Else
    Wscript.Echo "Only the list below :"
    Wscript.echo "-------------"
    objCurrentList = objIPSecurity.IPGrant
End If
    count = 0
For Each objIP in objCurrentList
    Wscript.Echo objIP
    count = count + 1
Next
If count = 0 Then
    Wscript.Echo "There were no IP Addresses Found"
End If
Wscript.echo ""

' *** Get Domains and settings
Wscript.echo "Displaying list of Domains and settings"
Wscript.echo "-------------"
Wscript.echo "Route Actions:"
Wscript.echo "2: Use DNS to route to this domain"
Wscript.echo "4098: Forward all mail to smart host"
strComputer = "."
Set objWMIService = GetObject _
    ("winmgmts:{authenticationLevel=pktPrivacy}\\" _
        & strComputer & "\root\microsoftiisv2")

Set colItems = objWMIService.ExecQuery _
    ("Select * from IIsSmtpDomainSetting")

For Each objItem in colItems
    Wscript.echo ""
    For Each strTurn in objItem.AuthTurnList
        Wscript.Echo "Authentication Turn List: " & strTurn
    Next
    Wscript.Echo "CSide Etrn Domains: " & objItem.CSideEtrnDomains
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Relay For Authentication: " & objItem.RelayForAuth
    Wscript.Echo "Relay IP List: " & objItem.RelayIpList
    Wscript.Echo "Route Action: " & objItem.RouteAction
    Wscript.Echo "Route Action String: " & objItem.RouteActionString
    Wscript.Echo "Route Password: " & objItem.RoutePassword
    Wscript.Echo "Route User Name: " & objItem.RouteUserName
Next

------
Dustin Shaw
VCP

No comments:

Post a Comment