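#
# get-wrongsender
#
# Parse Exchange Message tracking to find Sender using a local domain with an invalid sender
# limit to SMTP Receive
#
# A hit means: a message was received via SMTP, its sender address is in one of
# the organization's accepted domains, and Get-Recipient finds no recipient for
# that address. The matching tracking log entries are written to the pipeline.
# NOTE(review): confirm which address the tracking log exposes as Sender
# (header vs. envelope) before treating a hit as proof of spoofing.
#
# Ver 1.1  20140624 FC initial Version
# Ver 1.1  20140625 FC MaxDays added
# Pending: Output in File

param (
    # File holding the timestamp of the last processed message (read at start, rewritten at end).
    [string]$lastrunfile = ".\get-wrongsender.txt",
    # Upper bound, in days, for how far back the tracking logs are searched.
    [int]$maxdays = 1
)

write-host 'Set Scope to forest'
set-ADServerSettings -viewentireforest $true

[datetime]$lastrun = get-date("01.01.2000")  # initialize
if (test-path $lastrunfile -PathType leaf) {
    # Double quotes so the file name is actually expanded in the message.
    write-host "Loading LastRun from $lastrunfile"
    try {
        # Only the first line is used; an empty or unparsable file must not abort the scan.
        $lastrun = get-date (get-content $lastrunfile | select-object -first 1) -ErrorAction Stop
        write-host ('lastRun (File):' + $lastrun)
    }
    catch {
        # $lastrun keeps its initial value and is capped by the MaxDays limit below.
        write-warning ("Cannot read a date from $lastrunfile - falling back to the MaxDays limit")
    }
}

# for debugging
# $lastrun = (get-date).addminutes(-1)

if ((get-date).adddays(-$maxdays) -gt $lastrun) {
    write-host ' Apply MaxDays Limit'
    $lastrun = (get-date).adddays(-$maxdays)
    write-host ('lastRun (Limit):' + $lastrun)
}

write-host 'Loading local Domainlist'
$domainlist = @{}
foreach ($domain in (Get-AcceptedDomain)) {
    # Index assignment instead of .add() so a repeated domain name does not throw.
    # NOTE(review): the lookup below is an exact match on this name; senders in a
    # subdomain of a wildcard accepted domain are presumably treated as external - confirm.
    $domainlist[$domain.domainname.smtpdomain.domain.tolower()] = $true
}
write-host ('Added Domain:' + $domainlist.count)

write-host 'Processing Message Tracking'
$recipientcache = @{}   # sender address -> $true (recipient exists) / $false (unknown)

# @() forces an array even for zero or one result, so .count and indexing are safe later.
$messages = @(get-transportserver |
    Get-MessageTrackingLog -Start $lastrun -EventId receive -resultsize unlimited |
    where-object { $_.source -eq "smtp" })

foreach ($message in $messages) {
    # Entries without a usable sender address cannot be classified; skip them
    # instead of failing on the split below.
    if ([string]::IsNullOrEmpty($message.sender) -or ($message.sender.indexof('@') -lt 0)) {
        write-host ('Sender:' + $message.sender + ' no domain part -skip')
        continue
    }

    [string]$sender = $message.sender.tolower()
    write-host ('Sender:' + $sender) -nonewline

    # Use the part after the LAST '@' so an address containing more than one '@'
    # is still classified by its real domain.
    [string]$senderdomain = ($sender.split('@'))[-1]

    if ($domainlist.containskey($senderdomain)) {
        Write-host ' LocalDomain' -nonewline
        if (!($recipientcache.containskey($sender))) {
            # One directory lookup per distinct sender; the result is cached.
            # NOTE(review): the sender string comes from the tracking log and is
            # passed as the identity; verify it can only resolve by address.
            write-host " Lookup" -nonewline
            if ($null -ne (Get-Recipient $sender -ErrorAction continue)) {
                write-host " found" -nonewline
                $recipientcache[$sender] = $true
            }
            else {
                # The failed lookup is the expected "not found" case; drop its error record.
                $error.clear()
                write-host " NOTfound" -nonewline
                $recipientcache[$sender] = $false
            }
        }
        if ($recipientcache[$sender]) {
            write-host ' valid sender - OK'
        }
        else {
            write-warning ' invalid sender - Problem'
            $message   # emit the tracking log entry for further processing
        }
    }
    else {
        Write-host ' ExternSender -skip'
    }
}

if ($messages.count -gt 0) {
    # Results arrive per transport server, so the final array element is not
    # necessarily the newest entry; persist the newest timestamp instead.
    $newest = $messages | sort-object timestamp | select-object -last 1
    Write-host ('Last Message:' + $newest.timestamp)
    $newest.timestamp.tostring() | out-file $lastrunfile
}
else {
    # Nothing processed: keep the existing LastRun file rather than failing on an empty result.
    write-host 'No new messages - LastRun file left unchanged'
}
write-host 'done'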