The Proverbial Buck Stops Here!

The saying "the buck stops here" derives from the slang expression "pass the buck" which means passing the responsibility on to someone else. But in our case we will be referring to users who want to pass your enterprise's email outside of your domain. I mean what kind of dill-weed would do things like this when we offer web-mail and active-sync. Basically you have to be a special kind of stupid.

Recently i was asked to write a quick script by my supervisor that would show all the users who have a forward or redirect rule in their outlook rules. Why, you may ask yourself. We're a large organization that handles confidential information via our email, We cannot allow users to go willy nilly with their email and forward it out to Gmail,Yahoo, Etc..... Especially when a user could have that password set to, and i quote from experience here "abc123". For a quick reference here are the top 10 Yahoo email passwords. If one of these is your password please close this blog and go finish eating those paint chips.


1. 123456
2. password
3. welcome
4. ninja
5. abc123
6. 123456789
7. 12345678
8. sunshine
9. princess
10. qwerty

When writing the script I had to do a little research and realized that we can only show rules that have been set server side and not rules marked to run on this computer only. But that's okay soon ill post the script that will show you what they have on their side. So if you look below you will see the savior of your emails sanctity.

#This will ask you gor your Username and password they should be supplied in the
#Global\username
$cred = Get-Credential
#This will start a powershell session with the exchange server as these commands
#will not work with the powershell snap-in
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://yourexchangeserverhere/powershell -Authentication basic -Credential $cred
#starts the Session
Import-PSSession $s

#removes old file
del "C:\Forward_Rule.txt"

#gets all mailboxes
$users = Get-Mailbox -ResultSize unlimited

foreach ($user in $users){
$name = $user.name
$alias = $user.Alias
$rules = Get-InboxRule -Mailbox $name | where {$_.ForwardTo}
Add-Content "C:\Forward_Rule.txt"  "Name: $name"
Add-Content "C:\Forward_Rule.txt"  "Alias: $alias"
foreach ($rule in $rules){
$rname = $rule.Name
$ffwd = $rule.ForwardTo
Add-Content "C:\Forward_Rule.txt"  "Rule Name: $rname"
Add-Content "C:\Forward_Rule.txt"  "Forward to: $ffwd"
Add-Content "C:\Forward_Rule.txt"  ""
}
}

#removes old file
del "C:\Redirect_Rule.txt"

foreach ($user in $users){
$name = $user.name
$alias = $user.Alias
$rules = Get-InboxRule -Mailbox $name | where {$_.ReDirectTo}
Add-Content "C:\Redirect_Rule.txt"  "Name: $name"
Add-Content "C:\Redirect_Rule.txt"  "Alias: $alias"
foreach ($rule in $rules){
$rname = $rule.Name
$ffwd = $rule.ForwardTo
Add-Content "C:\Redirect_Rule.txt"  "Rule Name: $rname"
Add-Content "C:\Redirect_Rule.txt"  "Redirect to: $ffwd"
Add-Content "C:\Redirect_Rule.txt"  ""
}
}

Sometimes Apple's Go Bad

Don't get me wrong i love my Apple iPhone and I will probably never change that. But with the recent bug in iOS 6.1 which basically if you respond to a recurring meeting invite you get stuck in a "loop" that causes excessive heat and battery drain on the iOS device and rapid log growth for the Exchange storage group where their mailbox is located. It gets me to wondering how they don't see these things during a proper Beta. This bug happened in our environment and we were forced to enact a throttling policy for Apple mobile devices. Once apple had released a fix for this bug in iOS 6.1.2 we needed to see what users were still on an older version on their mobile device. Using the cmdlet Get-ActiveSyncDeviceStatistics i thought i would be able to pull all of the information that we needed from our exchange server. After much trial and error i realized that this cmdlet doesn't not work in the Powershell exchange snap-in and it must be run on the exchange server itself.