'550 5.7.520 Access denied, Your organization does not allow external forwarding

Frikkie298 0 Reputation points
2024-02-19T10:41:59.82+00:00

Good morning,

Need some help here.

We have a consultant that gets this error when auto forwarding mail to us that gets this message:

'550 5.7.520 Access denied, Your organization does not allow external forwarding.

I understand the error and know what to do to make it go away.

My questions are:

  1. What will the consequences be of allowing auto-forwarding?
  2. Is there a way to work around this and only allow auto-forwarding for one email address or domain?

As far as i an tell it is all or noting with this setting and I feels incredible risky to allow it.

Thanks

Microsoft 365 and Office | Install, redeem, activate | For business | Windows
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Michael Morten Sonne 605 Reputation points MVP
    2024-02-19T11:48:55.1866667+00:00

    Hi @Frikkie298 ,

    This is happening as the setting for the Anti-spam outbound policy in the Security center (https://security.microsoft.com/antispam) is set to block Automatic forwarding.

    This is a default setting over time, and you can allow users/mailboxes to de excluded if needed.

    Here is my answers to your 1:

    Risks and consequences:

    • Security: Auto-forwarding can pose security risks if etc. some emails is set to be send to an company's competitor or private email from your work email
    • Data Leakage: There is a risk of unintentional data leakage if sensitive information is forwarded to external accounts without proper security measures.

    Here is my answers to your 2:

    You can allow this specific user/mailbox this way:

    • Go to https://security.microsoft.com/antispam
    • Select "+ Create policy" and choose "Outbound"
    • Give your new outbound spam filter policy a name and description.
    • Click Next and search to find the user account you want to allow to forward
    • Click Next again, scroll down to the Forwarding rules section, and click the dropdown under Automatic forwarding rules. Choose On - Forwarding is enabled, then click Next.

    It is possibel to allow it for all in the Anti-spam outbound policy (Default) policy, but I will NOT recommend that.

    Hope this help you :)

    4 people found this answer helpful.

  2. Frikkie298 0 Reputation points
    2024-02-20T08:12:57.52+00:00

    Here is a screen shot of the error. IT shows the remote server rejected the message. So it has to be something on my side that needs to be done.
    error 550


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.