Office 365

Office 365 – Find Users Forwarding Emails (PowerShell)

I saw today someone posting a script that allow you to find Inbox Rules that have forward rules setup in Microsoft Office 365. This is actually pretty common scenario and some people do this without proper approval of management or even against organization policies. Below you can find my version of it. If you want to see original you can find it at GitHub. Below script includes couple of steps:

Connect to Office 365

Get all Exchange Mailboxes from Office 365

Get all Inbox Rules (from all user mailboxes)

Get all Inbox Rules that have forwarding defined

Finally export to Excel file in 3 worksheets.

Office 365 - PowerShell Script to get Inbox Rules

Clear-Host
Import-Module PSWriteExcel
Import-Module PSSharedGoods

$Configuration = @{
    Tenant     = @{
        UserName         = 'przemyslaw.klys@domain.com'
        Password         = 'C:\Support\GitHub\Ignore\MySecurePassword.txt'
        PasswordSecure   = $true
        PasswordFromFile = $true
        ConnectionURI    = 'https://outlook.office365.com/powershell-liveid/'
        Authentication   = 'Basic'
        SessionAzure     = 'SessionAzure'
        SessionAzureAD   = 'SessionAzureAD'
        SessionExchange  = 'SessionExchange'
    }
    Steps      = @{
        ConnectTenant  = @{
            Azure          = $false
            AzureAD        = $false
            ExchangeOnline = $true
        }
        FindInboxRules = $true
    }
    OutputFile = "$Env:USERPROFILE\Desktop\myReport.xlsx"
}


if ($Configuration.Steps.ConnectTenant.Azure) {
    $SessionAzure = Connect-WinAzure -SessionName $Configuration.Tenant.SessionAzure -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile
}
if ($Configuration.Steps.ConnectTenant.AzureAD) {
    $SessionAzureAD = Connect-WinAzureAD -SessionName $Configuration.Tenant.SessionAzureAD -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile
}
if ($Configuration.Steps.ConnectTenant.ExchangeOnline) {
    $Session = Connect-WinExchange -SessionName $Configuration.Tenant.SessionExchange -Username $Configuration.Tenant.UserName -Password $Configuration.Tenant.Password -AsSecure:$Configuration.Tenant.PasswordSecure -FromFile:$Configuration.Tenant.PasswordFromFile -ConnectionURI $Configuration.Tenant.ConnectionURI -Authentication $Configuration.Tenant.Authentication
    Import-PSSession $Session -AllowClobber
}

if ($Configuration.Steps.FindInboxRules) {
    $Mailboxes = get-mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited | Select-Object UserPrincipalName, PrimarySMTPAddress, SamAccountName, DisplayName, Name, Identity

    $InboxRules = @()
    $i = 1
    foreach ($Mailbox in $Mailboxes) {
        Write-Color -Text "$($i) of $($totalMailbox)", ' | ', "$($mailbox.UserPrincipalname)", ' | ' -Color Yellow, White, Blue, White
        $InboxRules += Get-InboxRule -Mailbox $mailbox.UserPrincipalName | Select-Object *
        $i++
    }


    $InboxRulesForwarding = @()
    foreach ($Mailbox in $Mailboxes) {
        $UserRules = $InboxRules | Where-Object { ($Mailbox.Identity -eq $_.MailboxOwnerID) -and (($_.ForwardTo -ne $null) -or ($_.ForwardAsAttachmentTo -ne $null) -or ($_.RedirectsTo -ne $null)) }
        foreach ($Rule in $UserRules) {
            $InboxRulesForwarding += [pscustomobject] @{
                UserPrincipalName     = $Mailbox.UserPrincipalName
                DisplayName           = $Mailbox.DisplayName
                RuleName              = $Rule.Name
                Description           = $Rule.Description
                Enabled               = $Rule.Enabled
                Priority              = $Rule.Priority
                ForwardTo             = $Rule.ForwardTo
                ForwardAsAttachmentTo = $Rule.ForwardAsAttachmentTo
                RedirectTo            = $Rule.RedirectTo
                DeleteMessage         = $Rule.DeleteMessage
            }
        }
    }

    $Mailboxes | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'All Mailboxes' -AutoFilter -AutoFit
    $InboxRules | Select-Object * -ExcludeProperty PSComputerName, RunspaceID, PSShowComputerName, PSComputerName, IsValid, ObjectState | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'Inbox Rules' -AutoFilter -AutoFit
    $InboxRulesForwarding | ConvertTo-Excel -FilePath $Configuration.OutputFile -ExcelWorkSheetName 'Inbox Rules with Forwarding' -AutoFilter -AutoFit
}

You will need those

Below are 3 modules that I use to Connect to Office 365, to export to Microsoft Excel, and finally to use colorful output. You still will need standard modules required to connect to Office 365 because PSSharedGoods provides just a wrapper that allow easy connection setup. While you could skip those (and the script that is linked above doesn't require it) I've wrote some simple wrappers that allow me to manage things in easy way, and the way I want it.

Install-Module PSSharedGoods
Install-Module PSWriteExcel
Install-Module PSWriteColor

This post was last modified on October 24, 2018 09:53

Przemyslaw Klys

System Architect with over 14 years of experience in the IT field. Skilled, among others, in Active Directory, Microsoft Exchange and Office 365. Profoundly interested in PowerShell. Software geek.

Next Office 365 - Creating Archive Mailboxes with PowerShell in bulk »

Previous « Update-Module - PackageManagement\Install-Package : Unable to find repository

Published by

Przemyslaw Klys

Tags: exchange onlineforwarding rulesinboxrulesmailboxoffice 365powershell

6 years ago

Upgrade Azure Active Directory Connect fails with unexpected error
Today, I made the decision to upgrade my test environment and update the version of…
Mastering Active Directory Hygiene: Automating Stale Computer Cleanup with CleanupMonster
Have you ever looked at your Active Directory and wondered, "Why do I still have…
Active Directory Replication Summary to your Email or Microsoft Teams
Active Directory replication is a critical process that ensures the consistent and up-to-date state of…

Upgrade Azure Active Directory Connect fails with unexpected error

Today, I made the decision to upgrade my test environment and update the version of…

2 months ago

Active Directory

Mastering Active Directory Hygiene: Automating Stale Computer Cleanup with CleanupMonster

Have you ever looked at your Active Directory and wondered, "Why do I still have…

3 months ago

Active Directory

Active Directory Replication Summary to your Email or Microsoft Teams

Active Directory replication is a critical process that ensures the consistent and up-to-date state of…

7 months ago

Office 365

Syncing Global Address List (GAL) to personal contacts and between Office 365 tenants with PowerShell

Hey there! Today, I wanted to introduce you to one of the small but excellent…

12 months ago

Active Directory

Active Directory Health Check using Microsoft Entra Connect Health Service

Active Directory (AD) is crucial in managing identities and resources within an organization. Ensuring its…

1 year ago

PowerShell

Seamless HTML Report Creation: Harness the Power of Markdown with PSWriteHTML PowerShell Module

In today's digital age, the ability to create compelling and informative HTML reports and documents…