Blog Post

Exchange Team Blog
8 MIN READ

All you need to know about automatic email forwarding in Exchange Online

The_Exchange_Team's avatar
The_Exchange_Team
Icon for Microsoft rankMicrosoft
Jan 19, 2021
Update: Starting November 2022, protection.microsoft.com URL does not work anymore. Please go to security.microsoft.com instead for the AntiSpam feature mentioned in this post. We realize that many...
Updated Dec 08, 2023
Version 10.0
exchange online
security
Tips 'n Tricks
transport
troubleshooting
ChrisAtMaf's avatar
ChrisAtMaf
Steel Contributor
Jan 20, 2021

There is a 6th way to set up automatic forwarding which is currently well hidden and cannot be interrogated via the Exchange Admin Center or PowerShell,

 

In the Outlook client, go to File / Automatic Replies (Out of Office) / Rules... / Add Rule... / Forward / To

This is actually a security hole as I believe if a hacker sets up forwarding here, it does not trigger the normal 'mail forwarding' alerts'.

 

Please could you mention this in the first few bullet points and document whether it is blocked by the above methods (Remote Domain / Transport Rule / Outbound spam filter policy)?

 

There is also an outstanding UserVoice request to allow administrators to audit this setting via Exchange Admin Center and PowerShell. At present this seems to be a security blind spot in Office 365 as an administrator cannot check the status of this setting.

 

Any attention that can be drawn to this outstanding issue would be appreciated.

 

https://social.technet.microsoft.com/Forums/msonline/en-US/642d571f-2f1a-4fc4-bb84-5dd86df7dee6/outlook-automatic-replies-forwarding-rule-where-does-it-live-and-how-do-i-find-it-with-powershell?forum=onlineservicesexchange

 

https://github.com/MicrosoftDocs/office-docs-powershell/issues/1708

 

https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/35353714-use-powershell-to-manage-out-of-office-rules-for-e