Thursday, April 26, 2012

Disable "Anyone outside my organization" in Outlook/Exchange 2010

We had a requirement in our organization recently to disallow sending auto replies (formerly know as out-of-office messages) to recipients outside our organization who are not in our contacts. The basis for the request was to stop spammers from finding valid email addresses and to prevent SMTP loops. There are also concerns around privacy. You don't want people you don't know being aware you're out of town on vacation for the next two weeks!


To achieve this we run a script which changes the mailbox settings to disable the “Anyone outside my organization” in Outlook:
The following script was setup on our Exchange 2010 server to run as a scheduled task every hour (D:\scripts\lockextooftocontactsonly.ps1):
Get-Mailbox -database "DB01" | Get-MailboxAutoReplyConfiguration | where {($_.AutoReplyState -eq "Enabled") -AND ($_.ExternalAudience -eq "All")} | foreach {Set-MailboxAutoReplyConfiguration $_.Identity -ExternalAudience "Known"}


Note: You need to change DB01 to the name of your mailbox database.

The script does not disable the ability of a user to select the “Anyone outside my organization” option. It simply changes the option to “My Contacts only”. As a result the script needs to be run numerous times throughout the day to update the mailboxes with the proper setting.



2 comments:

Anonymous said...

Would this work on Exchange / Outlook 2007 also??

Anonymous said...

Thanks for sharing! This just helped answer a question on SpiceWorks: http://community.spiceworks.com/topic/412776-gpo-for-out-of-office-replies?page=1#entry-2753931