Microsoft 365 Major Change to External Email Forwarding

Beginning September 1st Microsoft will be rolling out a major change to Microsoft 365 (formerly Office 365) where settings around email external forwarding may be changed on your behalf. Generally from a security perspective, we recommend disabling this feature as it can allow your users to forward their email to their personal email, which means if their email gets hacked then they also gain access to their work emails.

Below are a set of tools to check if this update will affect you and how to prevent it from affecting your users. Also, if you’re looking for assistance in email security and best practices, we offer a FREE assessment of your email security.

Check If Users Are Using External Forwarding

If you're an admin user, go to https://protection.office.com/mailflow/dashboard in order to check if there have been any external auto-forwarded emails on your tenant. On the bottom left of your screen a graph called "Auto-forwarded messages" will provide insight when clicked on.

Check If You're Affected by the Change

1. One of the following user types will need to navigate to https://protection.office.com/antispam. User Types: Global Admin, Member of Organization Management, Security Administrator, Member of Hygiene Management.

2. In the anti-spam page of Security & Compliance Center you can manually enable or disable auto-forwarding by clicking on the default "Outbound spam filter policy (always ON): policy and click "Edit Policy". Click on the Automatic Forwarding option and then choose the needed option from the drop down. If it is left as System-Controlled then Microsoft will be automatically managing the setting and turning auto-forwarding off by default.

Limit Use of External Email Forwarding

3. If you would like to create a custom policy to manage which specific users or groups can auto-forward click on the "Create an Outbound Spam Policy" and configure the settings as needed for notifications, recipient limits, automatic forwarding and who the policy is applied to.

If you have any questions about this change or looking for help to see if you're at risk of a service interruption. Use our live chat or give us a call at 866-804-9040.