When you want to send email to someone, but you receive a message saying that this email cannot be forwarded. You are able to see the error “Your organization does not allow external forwarding”. This shows that the account of the recipient has allowed the email forwarding, but their organization restricts. In Office 365 the external email forwarding is by default disabled. However, the internal email forwarding is allowed. The external mail forwarding feature is disabled for the security purposes. Attackers who have the access to user’s mailbox may forward all the emails to their own account and then they pretend to be the victim.
To enable the external email forwarding we must need to modify the Anti- spam policy in Office 365. Or we can create the new policy just to allow some particular person or for all users. In this blog, I will tell you both methods. However, I advise only permitting it to trusted individuals to avoid any data leakage.
Contents
Enable External Email forwarding for All Users
- Open Microsoft 365 Defender > Go to the Policies and Rule > and Click on Threat Policies.
- Click on Anti- spam.
- Now click on the Anti- spam outbound policy (Default) > and go to the Edit protection setting.
- Click on the Automatic Forwarding Rule > select on- Forwarding is enabled > and click on Save.
Allow External Forwarding for specific person.
- Follow first 2 steps mentioned above in Enable external email forwarding for all users.
- Click on Create policy > Outbound.
- Fill the Name of the policy whatever you want to name the new policy and add the description.
- Now add Users, Groups, and Domain whom you want to allow for external forwarding and click on the Next Button.
- Now in Protection Setting page set your outbound anti-spam settings for the policy by scrolling down little and choose On- Forwarding is enabled and click on Next.
- Examine all the setting and click ok the Create to save the new policy.
Along with the Anti-Policies the new policy will be presented in the Overview.
Summary of Forwarded Emails
It is important to track of the forwarded emails to external addresses for the safeguard of your organization from leaking data. Although the Exchange Admin Center already has built in report for this, we could use the PowerShell to export complete data from Exchange Online.
- Launch the Exchange Admin Center.
- Go to the Reports > Click on Mail Flow.
- Now click on Auto Forwarded messages report.
After clicking on auto forwarded message report, you will see the overall report. This report can give you the overall summary related to on which address the email was forwarded. Furthermore, you can add a card to the Exchange Admin Center dashboard that provides a summary of all email activity that has been forwarded.
Conclusion
The External email forwarding is prevented by the organization for a good reason. If needed only allow specific person for email forwarding to prevent the data leakage of the organization. Always be alert for the potential dangers like phishing attempts or unapproved access to redirect emails.
Read More: Check Mail Forwarding Status in Microsoft Office 365