Find all receive connectors with Anonymous Relay enabled

When migrating Receive connectors from an earlier version of Exchange (2007 upwards), it can be useful to find the relay Receive connectors that are used by applications, multifunction devices, printers, etc.

Relay permissions are an Active Directory permission, not an Exchange permission. With that in mind, the line of PowerShell below gets all Receive connectors in the organisation and then filters for the AD permission "MS-Exch-SMTP-Accept-Any-Recipient" granted to "NT AUTHORITY\Anonymous Logon".

Get-ReceiveConnector | Get-ADPermission | where {$_.identity -notlike "*Default*" -and $_.identity -notlike "*Client*" -and $_.user -like "NT AUTHORITY\ANONYMOUS LOGON" -and $_.ExtendedRights -like "MS-Exch-SMTP-Accept-Any-Recipient"} | select identity, user, ExtendedRights
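
The same check as an added audit helper (not code from the original post) that also skips Deny entries and reports each connector's RemoteIPRanges, so a relay open to any source address stands out. The function name, the sample connectors and ACL entries are constructed for illustration; it assumes PowerShell 3.0 or later and that Identity renders as "SERVER\Connector" in the output of both cmdlets.

```powershell
# Added example (not from the original post). Sample objects below are constructed;
# Identity is assumed to stringify as "SERVER\Connector" in both cmdlets' output.
function Find-AnonymousRelayConnector {
    param(
        [Parameter(Mandatory)] [object[]] $Connector,   # from Get-ReceiveConnector
        [Parameter(Mandatory)] [object[]] $Permission   # from Get-ReceiveConnector | Get-ADPermission
    )
    $right     = 'ms-Exch-SMTP-Accept-Any-Recipient'
    $anySource = '0.0.0.0-255.255.255.255', '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'
    foreach ($rc in $Connector) {
        # Allow (not Deny) entries giving Anonymous Logon the relay right on this connector
        $aces = @($Permission | Where-Object {
            "$($_.Identity)" -eq "$($rc.Identity)" -and
            "$($_.User)" -eq 'NT AUTHORITY\ANONYMOUS LOGON' -and
            -not $_.Deny -and
            (@($_.ExtendedRights | ForEach-Object { "$_" }) -contains $right)
        })
        if ($aces.Count -eq 0) { continue }
        $ranges = @($rc.RemoteIPRanges | ForEach-Object { "$_" })
        [pscustomobject]@{
            Connector       = "$($rc.Identity)"
            Enabled         = [bool]$rc.Enabled
            RemoteIPRanges  = $ranges -join ', '
            # True when relay is accepted from any source address
            OpenToAnySource = [bool]($ranges | Where-Object { $anySource -contains $_ })
        }
    }
}

# Constructed sample data shaped like the two cmdlets' output
$connectors = @(
    [pscustomobject]@{ Identity = 'EX01\App Relay';  Enabled = $true; RemoteIPRanges = @('10.0.5.20', '10.0.5.21') }
    [pscustomobject]@{ Identity = 'EX01\Old Relay';  Enabled = $true; RemoteIPRanges = @('0.0.0.0-255.255.255.255') }
    [pscustomobject]@{ Identity = 'EX01\Partner In'; Enabled = $true; RemoteIPRanges = @('192.0.2.10') }
)
$acl = @(
    [pscustomobject]@{ Identity = 'EX01\App Relay';  User = 'NT AUTHORITY\ANONYMOUS LOGON';      Deny = $false; ExtendedRights = @('ms-Exch-SMTP-Accept-Any-Recipient') }
    [pscustomobject]@{ Identity = 'EX01\Old Relay';  User = 'NT AUTHORITY\ANONYMOUS LOGON';      Deny = $false; ExtendedRights = @('ms-Exch-SMTP-Accept-Any-Recipient') }
    [pscustomobject]@{ Identity = 'EX01\Partner In'; User = 'NT AUTHORITY\Authenticated Users'; Deny = $false; ExtendedRights = @('ms-Exch-SMTP-Accept-Any-Recipient') }
)
Find-AnonymousRelayConnector -Connector $connectors -Permission $acl | Format-Table -AutoSize

# Against a live organisation, from the Exchange Management Shell:
#   $c = Get-ReceiveConnector
#   Find-AnonymousRelayConnector -Connector $c -Permission ($c | Get-ADPermission)
```

Connectors flagged with OpenToAnySource are the ones to scope down to specific device or application addresses before they are recreated on the new servers.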

 
