The default behavior for Microsoft 365 is to allow users to forward mail to internal recipients only. The setting “Automatic forwarding” controls this.
Security > Policies & rules > Threat Policies > Anti-spam policies > Anti-spam outbound policy (Default)
The problem, however, is the Outlook Web Interface will still allow you to enter an external e-mail forwarding address.
And the result is a bounce which is very confusing to the user.
If you want to allow users to forward e-mail to external addresses, you need to change the Anti-spam outbound policy for Automatic Forwarding to “On – Forwarding is enabled”. This is not a good idea.
If you must forward mail to an external e-mail address, it’s much better handled by a Mail Flow Transport Rule in Exchange Admin Center. Here, you can redirect mail to an external address while retaining the default Anti-spam outbound policy for Automatic Forwarding “Automatic – System-controlled”. A Transport rule also supersedes forwarding set by the user in the Outlook.
The question remains: Why doesn’t Microsoft provide an error message when a user attempts to configure forwarding to an external address when it is not allowed by policy?
