none
list inbox rules for all mailboxes which set to forward, redirect or forward as attachment to external recipient RRS feed

  • Question

  • I'd looking for a script to query the entire Org (all mailboxes), find the Inbox rule(s) where it's set to forward, redirect or forward as attachment to external address and output to a file with userID, rule name and external recipient smtp.

    I searched online and found this script very close to what I need.

    https://exchangequery.com/2014/10/07/script-to-identify-the-users-forwarding-redirecting-and-forward-as-attachment-emails-to-external-ids/

    Set-Adserversettings -viewentireforest $true

    foreach ($mbx in (Get-Mailbox -ResultSize unlimited)) { Get-InboxRule -Mailbox $mbx.DistinguishedName | where {($_.ForwardTo -ne  $null) -or ($_.redirectto -ne $null) -or ($_.forwardasattachment -ne $null)} | select  MailboxOwnerID,Name,ForwardTo | export-csv d:\ForwardRule.csv} -Notypeinformation

    Send-MailMessage -To alias@domain.com -cc alias@domain.com -From anyid@domain.com -Subject “Forward To” -Attachments d:\ForwardRule.csv -SmtpServer specifytransportserver

    But the problem is that it also listed rules forwarding to internal users.  I can manually clean it up for just smtp recipients.  But needs to run it regularly.  So need help to get a better script just output only external recipients or modify the script above to sore it out.

    Thanks,


    • Moved by jrv Saturday, June 29, 2019 12:24 AM Correct forum
    Saturday, June 29, 2019 12:01 AM

Answers

  • Hi Chris,

    Try the following Script and check if it helps:

    =========================

    $mailboxes = Get-Mailbox -ResultSize Unlimited
     
    foreach ($mailbox in $mailboxes) {
     
        $forwardingRules = $null
        Write-Host "Checking rules for $($mailbox.displayname) - $($mailbox.primarysmtpaddress)" -foregroundColor Green
        $rules = get-inboxrule -Mailbox $mailbox.displayname
         
        $forwardingRules = $rules | Where-Object {$_.forwardto -or $_.forwardasattachmentto -or $_.RedirectTo}
     
        foreach ($rule in $forwardingRules) {
            $recipients = @()
            $recipients = $rule.ForwardTo | Where-Object {$_ -match "SMTP"}
            $recipients += $rule.ForwardAsAttachmentTo | Where-Object {$_ -match "SMTP"}
            $recipients += $rule.RedirectTo | Where-Object {$_ -match "SMTP"}
            $externalRecipients = @()
     
            foreach ($recipient in $recipients) {
                $email = ($recipient -split "SMTP:")[1].Trim("]")
                $domain = ($email -split "@")[1]
     
                if ($domains.DomainName -notcontains $domain) {
                    $externalRecipients += $email
                }    
            }
     
            if ($externalRecipients) {
                $extRecString = $externalRecipients -join ", "
                Write-Host "$($rule.Name) forwards to $extRecString" -ForegroundColor Yellow
     
                $ruleHash = $null
                $ruleHash = [ordered]@{
                    PrimarySmtpAddress = $mailbox.PrimarySmtpAddress
                    DisplayName        = $mailbox.DisplayName
                    RuleId             = $rule.Identity
                    RuleName           = $rule.Name
                    RuleDescription    = $rule.Description
                    ExternalRecipients = $extRecString
                }
                $ruleObject = New-Object PSObject -Property $ruleHash
                $ruleObject | Export-Csv C:\testScript\externalrules.csv -NoTypeInformation -Append
            }
        }
    }

    ============================

    Copy above script and save it as an .PS1 file, then run it on your exchange server.

    I have tested in my lab, it works as expected, the result as below:


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.


    Monday, July 1, 2019 7:41 AM
    Moderator
  • Hi Chris,

    I have tested in my lab, it works as expected, as below:

    For the error(red), it shows that there is an inbox rule applies to internal users, the script cannot resolve these users.


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Marked as answer by ChrisD0919 Friday, July 5, 2019 2:35 PM
    Thursday, July 4, 2019 9:16 AM
    Moderator

All replies

  • This forum is not for modifying scripts you have found on the Internet.   For help using Exchange please post in the Exchange PowerShell forum.

     





    \_(ツ)_/


    • Edited by jrv Saturday, June 29, 2019 12:24 AM
    Saturday, June 29, 2019 12:23 AM
  • Hi Chris,

    Try the following Script and check if it helps:

    =========================

    $mailboxes = Get-Mailbox -ResultSize Unlimited
     
    foreach ($mailbox in $mailboxes) {
     
        $forwardingRules = $null
        Write-Host "Checking rules for $($mailbox.displayname) - $($mailbox.primarysmtpaddress)" -foregroundColor Green
        $rules = get-inboxrule -Mailbox $mailbox.displayname
         
        $forwardingRules = $rules | Where-Object {$_.forwardto -or $_.forwardasattachmentto -or $_.RedirectTo}
     
        foreach ($rule in $forwardingRules) {
            $recipients = @()
            $recipients = $rule.ForwardTo | Where-Object {$_ -match "SMTP"}
            $recipients += $rule.ForwardAsAttachmentTo | Where-Object {$_ -match "SMTP"}
            $recipients += $rule.RedirectTo | Where-Object {$_ -match "SMTP"}
            $externalRecipients = @()
     
            foreach ($recipient in $recipients) {
                $email = ($recipient -split "SMTP:")[1].Trim("]")
                $domain = ($email -split "@")[1]
     
                if ($domains.DomainName -notcontains $domain) {
                    $externalRecipients += $email
                }    
            }
     
            if ($externalRecipients) {
                $extRecString = $externalRecipients -join ", "
                Write-Host "$($rule.Name) forwards to $extRecString" -ForegroundColor Yellow
     
                $ruleHash = $null
                $ruleHash = [ordered]@{
                    PrimarySmtpAddress = $mailbox.PrimarySmtpAddress
                    DisplayName        = $mailbox.DisplayName
                    RuleId             = $rule.Identity
                    RuleName           = $rule.Name
                    RuleDescription    = $rule.Description
                    ExternalRecipients = $extRecString
                }
                $ruleObject = New-Object PSObject -Property $ruleHash
                $ruleObject | Export-Csv C:\testScript\externalrules.csv -NoTypeInformation -Append
            }
        }
    }

    ============================

    Copy above script and save it as an .PS1 file, then run it on your exchange server.

    I have tested in my lab, it works as expected, the result as below:


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.


    Monday, July 1, 2019 7:41 AM
    Moderator
  • Niko,

    Your script is excellent!  May I request 2 more outputs?

    1. How to add a column showing whether the rule is on or off?

    2. The description column is very good but many of them are too long.  Is it possible to replace it with the type of rule such as 'Forward to" or "Redirect to" or Forward as attachment"?

    I also ran into the red errors you got. Just curious what was the cause?  

    Thanks,

    Monday, July 1, 2019 11:25 PM
  • Hi Chris,

    1. How to add a column showing whether the rule is on or off?

    Add a column named "Enabled" as below, True = on, false =off:

    $ruleHash = [ordered]@{
                    PrimarySmtpAddress = $mailbox.PrimarySmtpAddress
                    DisplayName        = $mailbox.DisplayName
                    RuleId             = $rule.Identity
                    RuleName           = $rule.Name
                    RuleDescription    = $rule.Description
                    ExternalRecipients = $extRecString

                    Enabled = $rule.Enabled
    2. Is it possible to replace it with the type of rule such as 'Forward to" or "Redirect to" or Forward as attachment"?

    You can add columns like above, but these properties will show the detailed recipient email addresses, it's not recommended. 


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, July 2, 2019 9:04 AM
    Moderator
  • Hi Niko,

      I have added the rule enabled column to the script and am running it now.  How about the errors (red) while running the script?  I got that too.  Any idea why and am I missing any rules?

    Thanks.

    Tuesday, July 2, 2019 3:20 PM
  • Hi Niko,

      I added Enabled = $rule.Enabled to the script.  The output file now has a column but no value.  I tried the command below, it does return a value to "Enabled" attribute.  Can you add it to the script and test it on your end?

    Get-InboxRule -mailbox <mailboxID> | Select mailboxID, Name, Enabled

    Thanks,

    Tuesday, July 2, 2019 6:37 PM
  • Hi Chris,

    I have tested in my lab, it works as expected, as below:

    For the error(red), it shows that there is an inbox rule applies to internal users, the script cannot resolve these users.


    Best Regards,
    Niko Cheng


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Marked as answer by ChrisD0919 Friday, July 5, 2019 2:35 PM
    Thursday, July 4, 2019 9:16 AM
    Moderator
  • Hi Niko,

      You are correct.  after added Enabled = $rule.Enabled the script does output the proper value.  It's my mistake.  I didn't check the whole output file. My first run was without Enabled = $rule.Enabled and it generated 200 entries.  Then added the line to the script and re-run it.  I didn't realized that the output csv was appending instead of overwriting.  So when opened the csv file the top first 200 lines had empty value for the Enabled column.  I didn't go further down and thought the script didn't get the result.  Now, I always delete the old file if exists before running the script.  This is the output is good.  

     I'm just curious if Export-csv -append is necessary for this script.  

    Thanks,

    Friday, July 5, 2019 2:53 PM