A customer is running Exchange 2010 on-premises and has auto-forwarding of email messages disabled on an organizational level. After building a hybrid environment and migrating some users we found out that users were able to auto-forward email messages to external recipients.
In Office 365 auto-forward is enabled by default on an organizational level, but can be disabled on a tenant level by using Transport Rules. To achieve this, logon to the Exchange Admin Center of Office 365 (https://outlook.office365.com/ecp/) and select Rules in the Mail Flow section.
To create a new rule, click the + icon and select Create a new rule…
Give the new rule a name (for example Block Auto Forwarding) click More Options.
The rule should be applied to users that are Inside the Organization so in the Apply this rule if dropdown box select The sender is located and in the select sender location pop-up box select Inside the organization as shown in the following figure.
The second condition should be when messages are send to external users. Click on Add condition and for The recipient is located select Outside the organization as shown in the following figure.
To block these messages add a third condition, in the where the message type is dropdown box select The message properties and select include the message type. In the following select message type popup box select Auto-forward and click OK.
The last step is the action that need to be taken, in this scenario block the message. In the Do the following dropdown box select Block the message and then select Reject the message and include an explanation.
In the Specify rejection reason enter a small explanation like “Autoforwarding in your organization is not allowed.” When a user has auto-forwarding enabled and Exchange tries to forward a message to an external recipient an NDR is generated containing this text.
Click Save to store the new Transport Rule that blocks auto-forwarded messages for your organization.