The Proverbial Buck Stops Here!

The saying "the buck stops here" derives from the slang expression "pass the buck" which means passing the responsibility on to someone else. But in our case we will be referring to users who want to pass your enterprise's email outside of your domain. I mean what kind of dill-weed would do things like this when we offer web-mail and active-sync. Basically you have to be a special kind of stupid.

Recently i was asked to write a quick script by my supervisor that would show all the users who have a forward or redirect rule in their outlook rules. Why, you may ask yourself. We're a large organization that handles confidential information via our email, We cannot allow users to go willy nilly with their email and forward it out to Gmail,Yahoo, Etc..... Especially when a user could have that password set to, and i quote from experience here "abc123". For a quick reference here are the top 10 Yahoo email passwords. If one of these is your password please close this blog and go finish eating those paint chips.


1. 123456
2. password
3. welcome
4. ninja
5. abc123
6. 123456789
7. 12345678
8. sunshine
9. princess
10. qwerty

When writing the script I had to do a little research and realized that we can only show rules that have been set server side and not rules marked to run on this computer only. But that's okay soon ill post the script that will show you what they have on their side. So if you look below you will see the savior of your emails sanctity.

#This will ask you gor your Username and password they should be supplied in the
#Global\username
$cred = Get-Credential
#This will start a powershell session with the exchange server as these commands
#will not work with the powershell snap-in
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://yourexchangeserverhere/powershell -Authentication basic -Credential $cred
#starts the Session
Import-PSSession $s

#removes old file
del "C:\Forward_Rule.txt"

#gets all mailboxes
$users = Get-Mailbox -ResultSize unlimited

foreach ($user in $users){
$name = $user.name
$alias = $user.Alias
$rules = Get-InboxRule -Mailbox $name | where {$_.ForwardTo}
Add-Content "C:\Forward_Rule.txt"  "Name: $name"
Add-Content "C:\Forward_Rule.txt"  "Alias: $alias"
foreach ($rule in $rules){
$rname = $rule.Name
$ffwd = $rule.ForwardTo
Add-Content "C:\Forward_Rule.txt"  "Rule Name: $rname"
Add-Content "C:\Forward_Rule.txt"  "Forward to: $ffwd"
Add-Content "C:\Forward_Rule.txt"  ""
}
}

#removes old file
del "C:\Redirect_Rule.txt"

foreach ($user in $users){
$name = $user.name
$alias = $user.Alias
$rules = Get-InboxRule -Mailbox $name | where {$_.ReDirectTo}
Add-Content "C:\Redirect_Rule.txt"  "Name: $name"
Add-Content "C:\Redirect_Rule.txt"  "Alias: $alias"
foreach ($rule in $rules){
$rname = $rule.Name
$ffwd = $rule.ForwardTo
Add-Content "C:\Redirect_Rule.txt"  "Rule Name: $rname"
Add-Content "C:\Redirect_Rule.txt"  "Redirect to: $ffwd"
Add-Content "C:\Redirect_Rule.txt"  ""
}
}