To start with check to see if practical365.com is still live, this site has a more comprehensive look at what we are doing here.
Here is the sort version of what you need to do.
#Show current settings for connectors listening on port 25
Get-ReceiveConnector |where {$_.Bindings -like "*:25"} |ft Identity,ProtocolLoggingLevel
#Set logging to verbose for all of those connectors, make sure you aren't low on free space. It shoudn't take up much but make sure
Get-ReceiveConnector |where {$_.Bindings -like "*:25"} |ft Identity,ProtocolLoggingLevel |Set-ReceiveConnector -ProtocolLoggingLevel verbose
#Wait a day or whatever interval you think is sufficient to get a connection from all the lines of business apps
#Install Log Parser 2.2 on your hub transport servers
https://www.microsoft.com/en-us/download/details.aspx?id=24659
#Browse to your log dir, on my server I had to elevate permissions before it would let me navigate to the dir
#Open CMD and browse to the log dir
cd "D:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive"
#Run the following cmd
"C:\Program Files (x86)\Log Parser 2.2\logparser.exe" "SELECT EXTRACT_PREFIX(remote-endpoint,0,':') as IP,REVERSEDNS(EXTRACT_PREFIX(remote-endpoint,0,':')) as Name,Count(*) as Hits from *.log WHERE data LIKE '%EHLO%' GROUP BY IP ORDER BY Hits DESC" -i:CSV -nSkipLines:4 -rtp:-1
#It should return a table like this
After performing these steps on all of the hub transport servers that are relay targets you would want to update these devices to send though your new relay. Once they are all updated you can clear the logs and re-run this process to make sure it all worked.
Ariel Davenport 