It’s easy to check if email is being forwarded to external or inappropriate recipients with PowerShell and remove those forwards if they are in place.
First, connect to Exchange Online with the following:
$Cred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic -AllowRedirection Import-PSSession $Session -CommandName "Get-Mailbox", "Set-Mailbox"
I restricted “Import-PSSession” to import only the Get-Mailbox and Set-Mailbox commands. It makes things a little bit faster by leaving out all the commands that aren’t needed.
List all users with mailbox forwarding enabled
To list all users with forwarding enabled, use the following code:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Select Name, ForwardingAddress, ForwardingsmtpAddress, DeliverToMailboxAndForward
If you have many users you can export the results to CSV for analysis like this:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Select Name, ForwardingAddress, ForwardingsmtpAddress, DeliverToMailboxAndForward | Export-Csv "c:\script\Office365Forwards.csv" -NoTypeInformation -Encoding UTF8
As you can see, there are two different types of fowards:
- ForwardingAddress – This is set by an administrator and the end user has no control over it.
- ForwardingSMTPAddress – This can be set by the user in Outlook Web Access
Remove forwarding from a Mailbox
You can remove the forwarding from a single mailbox with the following command:
Set-Mailbox paulie -ForwardingAddress $NULL -ForwardingSmtpAddress $NULL
This will disable both the admin forwarding and the user forwarding for the specified mailbox.
Remove User Forwarding and Admin Forwarding for all users
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Set-Mailbox -ForwardingAddress $null -ForwardingSmtpAddress $null
Remove All forwards set by an Administrator
Same as the command above with a small modification:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null)} | Set-Mailbox -ForwardingAddress $null
Remove All forwards set by users
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingSmtpAddress -ne $NULL)} | Set-Mailbox -ForwardingSmtpAddress $null
Remove all User forwards to a specific domain
Get-Mailbox -ResultSize Unlimited | Where {$_.ForwardingSMTPAddress -ne $null -And $_.ForwardingSMTPAddress -like '*@gmail.com'} | Set-Mailbox -ForwardingSmtpAddress $null
Loop through a file of aliases and remove admin forwarding for each alias
The following code will read a file containing mailbox identity’s and remove the admin forwards on each account.
$mailForwards = get-content c:\script\AliasList.txt foreach ($alias in $mailForwards) { "Removing Forward for $alias" Set-Mailbox $alias -ForwardingAddress $null -DeliverToMailboxAndForward $false }
There are so many ways of controlling the forwarding with PowerShell, I hope the provided examples are useful.
To learn how to add a forwarding from PowerShell, see this post.