Office 365: Determine accounts that have forwarding enabled.


A common question that has come up through support is how can administrators determine if forwarding has been enabled on an account.  There are three main methods to enable forwarding on a mailbox:

 

  • The client creates a rule for either redirect or forwarding using Outlook.
  • The client or administrator sets the forwardingSMTPAddress property of the users mailbox.
  • The administrator sets the forwardingAddress property of the users mailbox.

 

As you can see two of the three options are controlled by the end users – and therefore may occur without the administrator or the organization being aware.

 

Using powershell the administrator can begin to determine which of these options are enabled on users mailboxes. 

 

The process begins by establishing a remote powershell session to Office 365.

 

$cred=get-credential

$session=new-pssession –configuration Microsoft.Exchange –connectionURI https://ps.outlook.com/powershell –authentication BASIC –allowRedirection:$TRUE –credential $cred

import-psSession $session

 

The mailboxes in the organization are gathered into a variable that will be used for further analysis.

 

$mailboxes=get-mailbox –resultSize unlimited

 

The mailboxes are then evaluated for inbox rules that have either redirect or forwarding.  Using an inbox rule the client can configure a forward flag, a forwarding attachment flag, or a redirect flag.  The rules that exist in the organization are gathered into a variable that will be used for further analysis.

 

$rules = $mailboxes | foreach { get-inboxRule –mailbox $_.alias }

 

The rules found are then processed to determine whether a forward or redirect flag is enabled.$rules

 

$rules | where { ( $_.forwardAsAttachmentTo –ne $NULL  ) –or ( $_.forwardTo –ne $NULL ) –or ( $_.redirectTo –ne $NULL ) } | ft name,identity,ruleidentity

 

This produces a list of all mailbox\ruleIDs that exist in the organization where the forwarding or redirect flags are enabled.

 

Name                           Identity                                          RuleIdentity
----                           --------                                          ------------
ForwardToExternal              MAILBOX1\13158606040511545345             13158606040511545345
Redirect                       MAILBOX2\2296058644233453570               2296058644233453570
ForwardAsAttachment            MAILBOX2\2368116238271381506               2368116238271381506

 

The specifics of the rule can be determined with the get-inboxRule command.

 

Get-InboxRule –identity “Mailbox2\2296058644233453570” | fl name,forwardTo,forwardAsAttchmentTo,redirectTo

 

Name                  : ForwardAsAttachment
ForwardTo             :
ForwardAsAttachmentTo : {"RECIPIENT”}
RedirectTo            :

 

This covers the mailboxes that have rules created for forwarding or redirection.

 

The forwardingSMTPAddress flag can be set by the end users through Outlook Web Access or by the administrator through a powershell command. 

 

An example of Outlook Web Access:

 

image

 

image

 

An example of powershell:

 

Set-Mailbox Administrator -ForwardingSmtpAddress:tim@contoso.com

 

The administrator can use the same method for inbox rules to investigate this attribute. 

 

$mailboxes | where { $_.forwardingSMTPAddress –ne $NULL }

 

This command generates a list of mailboxes where the forwarding SMTP address has been set.

 

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
MailboxName               Alias                bn1pr06mb101     49.5 GB (53,150,220,288 bytes)
MailboxName2              Alias2               blupr06mb417     49.5 GB (53,150,220,288 bytes)

 

The last method of forwarding is the forwardingAddress flag.  The forwarding address flag is set by the administrator. 

 

Through the Exchange Control Panel the administrator sets this flag by selecting the mailbox –> mailbox features –> delivery options. 

 

image

 

Through powershell the administrator executes the set-mailbox command.

 

set-mailbox –identity MAILBOX –forwardingAddress Contact

 

Using the same variable previously created the administrator can also discover mailboxes where forwardingAddress is set.

 

$mailboxes | where { $_. forwardTo –ne $NULL }

 

This command displays a list of mailboxes where the forwardTo flag is set.

 

Name         Alias      ServerName       ProhibitSendQuota
----         -----      ----------       -----------------
Mailbox      Alias      co1pr06mb175     49.5 GB (53,150,220,288 bytes)

 

By using powershell administrators can discover mailboxes that utilize a forwarding action.


Comments (3)

  1. TIMMCMIC says:

    @Thomas – no problem.

    @Turbomcp – fixed

    TIMMCMIC

  2. Anonymous says:

    Thanks for sharing these helpful steps to support such requests.

  3. turbomcp says:

    Great stuff as always
    "Through the user of powershell " needs fixing:)

Skip to main content