It’s easy to check if email is being forwarded to external or inappropriate recipients with PowerShell and remove those forwards if they are in place.
First, connect to Exchange Online with the following:
$Cred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic -AllowRedirection Import-PSSession $Session -CommandName "Get-Mailbox", "Set-Mailbox"
I restricted “Import-PSSession” to import only the Get-Mailbox and Set-Mailbox commands. It makes things a little bit faster by leaving out all the commands that aren’t needed.
List all users with mailbox forwarding enabled
To list all users with forwarding enabled, use the following code:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Select Name, ForwardingAddress, ForwardingsmtpAddress, DeliverToMailboxAndForward
If you have many users you can export the results to CSV for analysis like this:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Select Name, ForwardingAddress, ForwardingsmtpAddress, DeliverToMailboxAndForward | Export-Csv "c:\script\Office365Forwards.csv" -NoTypeInformation -Encoding UTF8
As you can see, there are two different types of fowards:
- ForwardingAddress – This is set by an administrator and the end user has no control over it.
- ForwardingSMTPAddress – This can be set by the user in Outlook Web Access
Remove forwarding from a Mailbox
You can remove the forwarding from a single mailbox with the following command:
Set-Mailbox paulie -ForwardingAddress $NULL -ForwardingSmtpAddress $NULL
This will disable both the admin forwarding and the user forwarding for the specified mailbox.
Remove User Forwarding and Admin Forwarding for all users
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null) -or ($_.ForwardingsmtpAddress -ne $Null)} | Set-Mailbox -ForwardingAddress $null -ForwardingSmtpAddress $null
Remove All forwards set by an Administrator
Same as the command above with a small modification:
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingAddress -ne $Null)} | Set-Mailbox -ForwardingAddress $null
Remove All forwards set by users
Get-Mailbox -ResultSize Unlimited | Where {($_.ForwardingSmtpAddress -ne $NULL)} | Set-Mailbox -ForwardingSmtpAddress $null
Remove all User forwards to a specific domain
Get-Mailbox -ResultSize Unlimited | Where {$_.ForwardingSMTPAddress -ne $null -And $_.ForwardingSMTPAddress -like '*@gmail.com'} | Set-Mailbox -ForwardingSmtpAddress $null
Loop through a file of aliases and remove admin forwarding for each alias
The following code will read a file containing mailbox identity’s and remove the admin forwards on each account.
$mailForwards = get-content c:\script\AliasList.txt foreach ($alias in $mailForwards) { "Removing Forward for $alias" Set-Mailbox $alias -ForwardingAddress $null -DeliverToMailboxAndForward $false }
There are so many ways of controlling the forwarding with PowerShell, I hope the provided examples are useful.
To learn how to add a forwarding from PowerShell, see this post.
FSLWA says
When removing forwarding, does it matter if you set -DeliverToMailboxAndForward $false ?
It seems that for us, the default for DeliverToMailboxAndForward is actually set to $True, when forwarding is off.
I ask because if ForwardingAddress and ForwardingSmtpAddress is set to Null, then DeliverToMailboxAndForward shouldn’t matter, right?
Bcol says
@FSLWA
Per MS documentation on the Set-Mailbox command:
“The DeliverToMailboxAndForward parameter specifies the message delivery behavior when a forwarding address is specified by the ForwardingAddress or ForwardingSmtpAddress parameters.
The default value is $false. The value of this parameter is meaningful only if you configure a forwarding recipient or email address.”
So, no, it does not matter.
I’m not sure why you’re seeing the default value of $true; this should be $false.
A support tech says
Leaving a thank you, as I used your script today. It ran without any issues and was just what I needed.
AT says
I get the following error. Any thoughts?
PS C:\Windows\system32> Set-Mailbox John.doe@contoso.org -ForwardingAddress $NULL -ForwardingSmtpAddress $NULL
A parameter cannot be found that matches parameter name ‘ForwardingAddress’.
+ CategoryInfo : InvalidArgument: (:) [Set-Mailbox], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Set-Mailbox
+ PSComputerName : ps.outlook.com
ursJAR says
You say:
* ForwardingAddress – This is set by an administrator and the end user has no control over it.
* ForwardingSMTPAddress – This can be set by the user in Outlook Web Access
While MS says:
Forwarding type: Typical values are:
* Mail flow rules
* Inbox rules
* SMTP forwarding: This is automatic forwarding that admins can configure on a mailbox as described in Configure email forwarding for a mailbox.
(https://docs.microsoft.com/en-us/exchange/monitoring/mail-flow-reports/mfr-auto-forwarded-messages-report)
Kiran says
Thankyou so much for the script. Saved me lot of time and manual work !!