Office 365: Determine accounts that have forwarding enabled.

A common question that has come up through support is how can administrators determine if forwarding has been enabled on an account.  There are three main methods to enable forwarding on a mailbox:


  • The client creates a rule for either redirect or forwarding using Outlook.
  • The client or administrator sets the forwardingSMTPAddress property of the users mailbox.
  • The administrator sets the forwardingAddress property of the users mailbox.


As you can see two of the three options are controlled by the end users – and therefore may occur without the administrator or the organization being aware.


Using powershell the administrator can begin to determine which of these options are enabled on users mailboxes. 


The process begins by establishing a remote powershell session to Office 365.



$session=new-pssession –configuration Microsoft.Exchange –connectionURI –authentication BASIC –allowRedirection:$TRUE –credential $cred

import-psSession $session


The mailboxes in the organization are gathered into a variable that will be used for further analysis.


$mailboxes=get-mailbox –resultSize unlimited


The mailboxes are then evaluated for inbox rules that have either redirect or forwarding.  Using an inbox rule the client can configure a forward flag, a forwarding attachment flag, or a redirect flag.  The rules that exist in the organization are gathered into a variable that will be used for further analysis.


$rules = $mailboxes | foreach { get-inboxRule –mailbox $_.alias }


The rules found are then processed to determine whether a forward or redirect flag is enabled.$rules


$rules | where { ( $_.forwardAsAttachmentTo –ne $NULL  ) –or ( $_.forwardTo –ne $NULL ) –or ( $_.redirectTo –ne $NULL ) } | ft name,identity,ruleidentity


This produces a list of all mailbox\ruleIDs that exist in the organization where the forwarding or redirect flags are enabled.


Name                           Identity                                          RuleIdentity
----                           --------                                          ------------
ForwardToExternal              MAILBOX1\13158606040511545345             13158606040511545345
Redirect                       MAILBOX2\2296058644233453570               2296058644233453570
ForwardAsAttachment            MAILBOX2\2368116238271381506               2368116238271381506


The specifics of the rule can be determined with the get-inboxRule command.


Get-InboxRule –identity “Mailbox2\2296058644233453570” | fl name,forwardTo,forwardAsAttchmentTo,redirectTo


Name                  : ForwardAsAttachment
ForwardTo             :
ForwardAsAttachmentTo : {"RECIPIENT”}
RedirectTo            :


This covers the mailboxes that have rules created for forwarding or redirection.


The forwardingSMTPAddress flag can be set by the end users through Outlook Web Access or by the administrator through a powershell command. 


An example of Outlook Web Access:






An example of powershell:


Set-Mailbox Administrator


The administrator can use the same method for inbox rules to investigate this attribute. 


$mailboxes | where { $_.forwardingSMTPAddress –ne $NULL }


This command generates a list of mailboxes where the forwarding SMTP address has been set.


Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
MailboxName               Alias                bn1pr06mb101     49.5 GB (53,150,220,288 bytes)
MailboxName2              Alias2               blupr06mb417     49.5 GB (53,150,220,288 bytes)


The last method of forwarding is the forwardingAddress flag.  The forwarding address flag is set by the administrator. 


Through the Exchange Control Panel the administrator sets this flag by selecting the mailbox –> mailbox features –> delivery options. 




Through powershell the administrator executes the set-mailbox command.


set-mailbox –identity MAILBOX –forwardingAddress Contact


Using the same variable previously created the administrator can also discover mailboxes where forwardingAddress is set.


$mailboxes | where { $_. forwardTo –ne $NULL }


This command displays a list of mailboxes where the forwardTo flag is set.


Name         Alias      ServerName       ProhibitSendQuota
----         -----      ----------       -----------------
Mailbox      Alias      co1pr06mb175     49.5 GB (53,150,220,288 bytes)


By using powershell administrators can discover mailboxes that utilize a forwarding action.

Comments (3)
  1. TIMMCMIC says:

    @Thomas – no problem.

    @Turbomcp – fixed


  2. Anonymous says:

    Thanks for sharing these helpful steps to support such requests.

  3. turbomcp says:

    Great stuff as always
    "Through the user of powershell " needs fixing:)

Comments are closed.

Skip to main content