Disable External Forwarding With These 2 Steps


You may find, for many reasons (security being a big one), that you need to disable external forwarding for your M365 users. In this article I show how to check which users are using forwarding and then how to turn it off for the entire organization so it won’t be a concern going forward.

List Users Who Use External Forwarding

You may want to give your users a heads-up that you will be disabling this feature. To find out who is affected, connect to the Exchange Online PowerShell module and use the Get-InboxRule cmdlet. If you only have a few users to look at, you can run the following script manually:

#Connect to Exchange
Connect-ExchangeOnline

#Declare Variables
$user = "user@example.com"   # placeholder: replace with the mailbox to check
$x = 0
$items = @(Get-InboxRule -Mailbox $user)
$count = $items.Count

#Show all Rules on mailbox
$items

#Go through each Rule and see if forwarding is set up
while ($x -lt $count) {
    $rule = $items[$x].RuleIdentity
    $ruleWithQuotes = "{0}" -f $rule
    $rulename = $items[$x].Name
    $rulenamelength = $rulename.Length

    # Print the rule name with an underline of the same length
    $rulename
    $("-" * $rulenamelength)

    # Forwarding targets; both are empty when the rule does not forward
    Get-InboxRule -Mailbox $user -Identity $ruleWithQuotes | Select-Object -Property ForwardTo
    Get-InboxRule -Mailbox $user -Identity $ruleWithQuotes | Select-Object -Property ForwardAsAttachmentTo

    # Move on to the next rule
    $x++
}


If you need to run this check for many users, I would suggest wrapping it in a ForEach loop driven by a CSV of your organization's users, and exporting the results to a CSV if you need them as a list.
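The CSV-driven loop suggested above, written out as an added example (it is not the author's script). It assumes Connect-ExchangeOnline has already been run; the file names, the UserPrincipalName column, and the way recipients are parsed are assumptions, and RedirectTo is checked in addition to the two properties used above.

```powershell
# Added example. File names and the CSV column name are hypothetical.
$csvIn  = '.\users.csv'             # assumed: one column named UserPrincipalName
$csvOut = '.\forwarding-rules.csv'  # assumed output path

# Domains the tenant owns; any other SMTP domain is treated as external.
[string[]]$internal = (Get-AcceptedDomain).DomainName

function Get-ForwardTarget {
    # Returns one row per forwarding or redirect recipient found on a rule.
    param($Mailbox, $Rule, [string[]]$InternalDomains)
    foreach ($action in 'ForwardTo', 'ForwardAsAttachmentTo', 'RedirectTo') {
        foreach ($recipient in @($Rule.$action)) {
            if (-not $recipient) { continue }
            # Assumption: SMTP recipients render as "Name" [SMTP:user@domain];
            # entries without an SMTP address (directory objects) count as internal.
            $external = $false
            if ("$recipient" -match 'SMTP:[^@\]]+@([^\]\s]+)') {
                $external = $InternalDomains -notcontains $Matches[1]
            }
            [pscustomobject]@{
                Mailbox     = $Mailbox
                RuleName    = $Rule.Name
                RuleEnabled = $Rule.Enabled
                Action      = $action
                Recipient   = "$recipient"
                External    = $external
            }
        }
    }
}

$report = @(foreach ($row in Import-Csv -Path $csvIn) {
    $upn = $row.UserPrincipalName
    try {
        foreach ($rule in @(Get-InboxRule -Mailbox $upn -ErrorAction Stop)) {
            Get-ForwardTarget -Mailbox $upn -Rule $rule -InternalDomains $internal
        }
    } catch {
        # Keep going if one mailbox is missing or inaccessible.
        Write-Warning "Could not read rules for ${upn}: $($_.Exception.Message)"
    }
})

# Full list for the notification step, plus an on-screen view of external targets.
$report | Export-Csv -Path $csvOut -NoTypeInformation
$report | Where-Object External | Format-Table Mailbox, RuleName, Action, Recipient
```

Rows with External set to True are the users to notify before forwarding is switched off; the exported CSV also keeps internal forwards and disabled rules for reference.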

Disable External Forwarding for the Organization

For this, you need to make sure the default Anti-Spam Outbound Rule is enabled. As a Global Admin, go to admin.microsoft.com. Then go to Security / Policies and Rules / Threat Policies / Anti-Spam Policies:

Default Anti-Spam Policy

When you click on Anti-Spam Outbound Policy (Default), you will see a fly-out menu to your right. Click on “Edit Protection Settings” and make sure the Forwarding rules are set to off:

Turn Off External Forwarding for the Entire Organization.

Save your settings and it is now turned off. Notify your list of users from step one and you are done. They may not like it, but it protects the organization from compromised email through phishing attacks and rogue employees.

Happy IT’ing



I am an IT professional with over twenty years experience in the field. I have supported thousands of users over the years. The organizations I have worked for range in size from one person to hundreds of people. I have performed support from Help Desk, Network / Cloud Administration, Network Support, Application Support, Implementation and Security.
