The problem: when users leave the company, they create server-side rules to forward their mail to an outside address. An administrator wanted to know if there was a way to clear rules in Outlook or with a PowerShell command.
Yes, you can use PowerShell to check for and remove forwarding rules. Use the first cmdlet to check for forwarding rules. It lists all rules in the mailbox and, for forwarding rules, includes the address the message is being forwarded to:
Get-InboxRule -Mailbox user-alias |fl Name,Identity,ForwardTo,ForwardAsAttachmentTo
Then use this cmdlet to delete the rule:
Remove-InboxRule -Mailbox user@domain.com -Identity "RuleName"
My own preference is to configure Exchange server to not allow automatic forwarding to the Internet, problem solved.
In Office 365 and Exchange 2013 and newer, disable forwarding to remote domains in the Exchange Admin center under Mail flow, Remote Domains. This allows you to block forwarding to all domains, then create remote domains for the domains you need to forward mail to.
To make this change using PowerShell, use this cmdlet:
Set-RemoteDomain remote-domain-name -AutoForwardEnabled $false
In older Exchange servers, block forwarding in the Exchange admin center
Remove the user-option to Forward mail
Users can set up rules to forward mail, but administrators can configure Exchange to prevent users from enabling forwarding rules. See Disable automatic forwarding in Office 365 and Exchange Server to prevent information leakage (TechNet) for the instructions.
Other Solutions
If you can't disable automatic forwarding to the Internet, create a transport rule that drops messages sent from the terminated addresses. Add the addresses to a distribution group and create a transport rule that looks for mail sent from members of the distribution group. You can drop the messages or redirect them to another address (this will alert you to the presence of a forwarding rule on the mailbox.)
You can remove the rules from Outlook (any version) by starting Outlook with the /cleanrules switch. This requires you to open the user's profile in Outlook, which can be time-consuming if you need to check a lot of mailboxes. It's not possible to do it using PowerShell. If you use the transport rule to redirect mail to a monitored address, you can use /cleanrules on those mailboxes that have forwarding rules configured.
The final option is to either disable or delete the mailbox. If you need to continue monitoring the address, add the user's email address to another mailbox or public folder. Otherwise, allow the mail to bounce with an NDR or deliver it to a dropbox.
If you want to keep the mailbox around for a bit, you can configure it so it can't send email by setting the maximum message size allowed to 0. You can do this using a cmdlet:
Set-Mailbox -identity "Name" -MaxSendSize "0"
If you need to apply it to many mailboxes, it can be used with a list of names in a csv:
$a = Import-Csv c:\terminated_users.csv
$a | foreach { Set-Mailbox -Identity $_.name -MaxSendSize "0" }
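The Get-InboxRule check and Remove-InboxRule cleanup from the start of this article can be driven from the same CSV. The script below is an added example, not part of the original article: it assumes an Exchange PowerShell session and a "name" column in the CSV, the report path and the -Remove switch are hypothetical names, and it also checks RedirectTo, which the article's command does not list.

```powershell
# Added example, not from the original article. Run it in an Exchange
# PowerShell session where Get-InboxRule and Remove-InboxRule are available.
param(
    [string]$CsvPath    = 'c:\terminated_users.csv',          # CSV from the article, "name" column assumed
    [string]$ReportPath = 'c:\forwarding_rules_report.csv',   # hypothetical output path
    [switch]$Remove                                           # hypothetical switch; report only without it
)

$findings = @(foreach ($user in Import-Csv $CsvPath) {
    try {
        $rules = Get-InboxRule -Mailbox $user.name -ErrorAction Stop
    } catch {
        Write-Warning "Could not read rules for $($user.name): $_"
        continue
    }
    # Keep only the rules that send mail somewhere else
    $rules |
        Where-Object { $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo } |
        ForEach-Object {
            [pscustomobject]@{
                Mailbox               = $user.name
                Name                  = $_.Name
                Identity              = "$($_.Identity)"
                Enabled               = $_.Enabled
                ForwardTo             = $_.ForwardTo -join '; '
                ForwardAsAttachmentTo = $_.ForwardAsAttachmentTo -join '; '
                RedirectTo            = $_.RedirectTo -join '; '
            }
        }
})

if ($findings.Count -eq 0) {
    Write-Output 'No forwarding rules found.'
    return
}

# Record where each rule pointed before anything is deleted
$findings | Export-Csv -Path $ReportPath -NoTypeInformation
$findings | Format-Table Mailbox, Name, Enabled, ForwardTo, RedirectTo -AutoSize

if ($Remove) {
    foreach ($f in $findings) {
        Remove-InboxRule -Mailbox $f.Mailbox -Identity $f.Identity -Confirm:$false
        Write-Output "Removed '$($f.Name)' from $($f.Mailbox)"
    }
}
```

Run it once without -Remove and review the report, then run it again with -Remove to delete the listed rules.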
One of these solutions, or a combination, should solve your problem.
My admin is a sucker and I want to bypass this and forward my MS Outlook mail to my iCloud account. How can I do it?
If manual forwarding (you hit forward) works, a macro can automate it. The information in this article applies to automated forwarding using Rules.
Hi Diane,
I wonder how to resolve signature keeps on remembering old signature and unable to delete or modify the old signature in Outlook 2007 and Outlook 2013?
You can't remove it in Outlook's signature editor? Or is it added by the Exchange server?
In Outlook, you can delete it off the hard drive - it's under %localappdata%.
Is there an option to allow forwarding to a whitelist of domains? Online tools such as Slack are more valuable when e-mails can be sent directly to them.
No. But if you will always forward to the same email address, a contact user could be created in the AD - mail sent to it is forwarded to the external SMTP on the user. This will bypass the blocks because you forward to the contact's AD address and the server forwards.
Hello,
I don't see "Remote domain" in Exchange Admin Center > Mail flow.
I am using Exchange server 2013.
Thanks,
If it's not exposed in the UI, you'll need to use PowerShell to access it.