This guide explains how to allow external or automatic email forwarding in Microsoft 365 by modifying the Outbound Anti-Spam Policy within the Microsoft 365 Defender portal. This is required when forwarding emails to an external address is blocked.
Step 1: Sign in to Microsoft 365 Defender
1. Open your web browser and go to https://security.microsoft.com
2. Sign in with a Global Admin, Security Admin, or Exchange Admin account.
Step 2: Open Anti-Spam Policies
1. In the left-hand navigation menu, click Email & collaboration.
2. Click Policies & rules.
3. Under the Policies section, select Threat policies.
4. Click Anti-spam to open the Anti-spam policies page.
– Shortcut: You can also go directly to https://security.microsoft.com/antispam
Step 3: Open the Outbound Anti-Spam Policy
1. In the list of policies, locate Anti-spam outbound policy (Default).
2. Click the policy name to open the details panel.
Step 4: Edit Protection Settings
1. In the policy details panel, scroll down and click Edit protection settings.
Step 5: Enable Automatic Forwarding
1. In the Forwarding Rules section, find Automatic forwarding rules.
2. Open the dropdown and choose: On - Forwarding is enabled
3. This allows external and automatic forwarding for your tenant.
Step 6: Save Your Changes
1. Scroll to the bottom of the panel.
2. Click Save.
Important Notes
• If you have other custom outbound spam policies, they may override the default policy based on priority.
• To enable forwarding only for specific users, you can create a custom outbound spam policy and scope it to those users or groups.
• If forwarding still does not work, make sure the user mailbox is licensed with Exchange Online and that forwarding is enabled in their mailbox settings.