By default, Microsoft 365 tenant (formerly referred to as Office 365) prevents users from configuring up automatic forwarding of messages from user mailboxes to external email addresses. In this article, we will show you how to allow external forwarding in Microsoft 365 (Exchange Online).
In case when a user has configured an automatic forwarding rule to an external address in his Microsoft 365 mailbox using Outlook, the message will not be forwarded (when the rule is triggered). In such case, the user will receive a non-delivery report (NDR):
Your message wasn’t delivered because the recipient’s email provider rejected it.
Remote Server returned ‘550 5.7.520 Access denied, Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555)’
Hint. Microsoft disabled external email forwarding in Microsoft 365 by default starting from September 2020.
Microsoft 365 administrator can change the outbound spam protections settings and allow automatic external forwarding for any mailboxes.
- Sign in to Microsoft 365 Defender Portal under global admin account;
- Go to Policies & rules > Threat policies > Anti-spam policies;
- Find the following filter policy in the list: Anti-spam outbound policy and select Edit protection settings;
- Settings for external forwarding rules are specified in the Forwarding rules section. The default for Automatic forwarding rules is Automatic – System-controlled. Select, the option On-Forwarding is enabled from the dropdown menu to allow email forwarding;
- Save the changes.
All of your Microsoft 365 users can now configure automatic forwarding to external mailboxes in Outlook.
You can also enable automatic email forwarding only for specific M365 mailboxes. To do this, you need to create a separate antispam policy:
- Go to the Threat management > Anti-spam section;
- Click on the button Create policy > Outbound;
- Set the Name and Description of your new outbound spam filter policy;
- Select the Microsoft 365 users and/or groups that you want to allow external forwarding. Another approach can be used: enable the Exclude these users, groups and domains option and select the users/groups for which you want to deny email forwarding; Enable the option Automatic forwarding rules > On Forwarding is enabled;
- Click Next, review the policy, click Create to bind a new anti-spam policy for outgoing mail.
The specified users will now be able to enable external forwarding rules in Outlook. The rest will receive an NDR when configuring the rule: your organization does not allow external forwarding.
Hint. Your Microsoft 365 organization may have other transport rules or spam policies that block external forwarding in addition to the outbound spam filtering covered here.