Forum Discussion
Client-side rules
<p>
It seems incredible that there is no visibility into client-side rules (particularly via PowerShell.) Our company would like a means of preventing client-side rules that forward emails without using transport rules. The transport rules simply are not granular enough for this specific issue. Beyond that, I would think there would be huge security concerns with client-side rules with recent exploits.
Any thoughts on how to overcome this short coming?
</p>
5 Replies
Good afternoon. I believe you are looking for a PowerShell cmdlet that would let you see Inbox Rules. The following post is more information about the Get-InboxRule cmdlet (https://docs.microsoft.com/en-us/powershell/module/exchange/get-inboxrule?view=exchange-ps)
The two ways that I know how to prevent client-side rules that forward emails:
- Control automatic external email forwarding in Microsoft 365 using outbound spam filter policy
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-worldwide - Transport to stop all auto-forwarding emails - https://docs.microsoft.com/en-us/microsoft-365/business-video/stop-email-auto-forward?view=o365-worldwide
- Thanks davidbmarker
When I run a get-inbox on a mailbox and look at any rules with the value supportedbytask set to false, those always seem to match the client side rules. I went as far as making a new rule client side and converting another rule to server side. And I discovered the change was picked up by my one-line script.
Get-InboxRule -Mailbox <mailbox> | where {$_.supportedbytask -eq $false} |select Identity, Name
Do you have any idea what the supportedbytask is? I feel like I have stumbled onto something, but I would like an expert's opinion.
- Control automatic external email forwarding in Microsoft 365 using outbound spam filter policy
Hello! You've posted your question in the Tech Community Discussion space, which is intended for discussion around the Tech Community website itself, not product questions. I'm moving your question to the Exchange space- please post Exchange questions here in the future.
Thanks for your reply EricStarker
When I run a get-inbox on a mailbox and look at any rules with the value supportedbytask set to false, those always seem to match the client side rules. I went as far as making a new rule client side and converting another rule to server side. And I discovered the change was picked up by my one-line script.
Get-InboxRule -Mailbox <mailbox> | where {$_.supportedbytask -eq $false} |select Identity, Name
Do you have any idea what the supportedbytask is? I feel like I have stumbled onto something but I would like an experts opinion.
- While I appreciate the question, I am a community manager and not a product expert.
Sorry I can't help you here, but I'm sure you'll get great responses from the experts here!
