I used to have an auto forward set up on my mail account in Office365. However, since a few weeks I encountered the following errors:
Your message wasn’t delivered because the recipient’s email provider rejected it.
and
Remote Server returned ‘550 5.7.520 Access denied, Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555)’
The result of these error messages was that my emails were no longer automatically forwarded to another mailbox.
What causes this error Remote Server returned ‘550 5.7.520 Access denied’?
Before September 2020, Office 365 allowed emails to be automatically forwarded to external email addresses. This is called “External forwarding”. However, since September 2020, a setting has been changed, whereby External Forwarding is disabled by default at the organization level. This means that all mail that was previously neatly forwarded to an external email address is now suddenly blocked. The affected mailbox, the mailbox with the forwarding rule set up, receives the error “Your message wasn’t delivered because the recipient’s email provider rejected it.“
How to fix Remote Server returned ‘550 5.7.520 Access denied
An Office 365 administrator can adjust the default setting in the Office 365 environment, making it possible to forward mail externally again. If you are a user of Office 365, please ask your IT Admin to adjust the setting and send him or her the URL of this web page.
If you are an administrator, follow these steps to re-enable External Forwarding:
- Go to the Office365 Security and Compliance Dashboard
- Expand Threat Management and click Policy
- Click Anti Spam
- In the Anti-Spam settings, locate Outbound spam filter policy (Always ON) and click Edit policy
- In the Outbound spam filter policy, expand Automatic Forwarding. The default is set to Automatic – System-controlled.
- Select On – Forwarding is enabled and click Save. Forwarding to external mail addresses is now allowed. Note Microsoft says it may take up to 24 hours before the change takes effect. Although it took 5 minutes in my case 🙂
A setting to rethink – Automatic Forwarding to external email addresses
You may wonder whether it is a good idea to change the default setting for automatic forwarding to external addresses.
One reason for not allowing it is data loss prevention. Recently I was with a customer whose password had been leaked. Hackers have gained access to his mailbox. Instead of directly using his mailbox, they set – unnoticed – a rule that automatically forwarded all mail to an external email address. A good example of corporate espionage.
Perfect timing… I was pulling my hair out with this problem yesterday and today! Thank you so much for sharing the solution… I never would’ve found it.
worked like a charm, thanks for the post!
So what if you want it disabled by default but need exceptions 🙂
Excelente, muchas gracias.
Thank you so much for sharing the solution..
Thanks
Thank you! Finally the mystery is resolved!
Thanks for this – I had rule with exceptions within the exchange admin and it stopped working on Friday. If I change this to On, will the rules then pick up again and the exceptions still work or is there another way to do this?
Setting it to On would do the trick. No additional actions are required (at least, thats what I experienced at my customers environment)
Many thanks !!!
Thanks this article saved our ticketing system workflow.
Thank you figuring this out and sharing the solution
You’re welcome, Bob
thx man
thanks for the solution!
How can we apply on an individual user?
Thanks for sharing. However, it goes back to “Automatic – System Controlled” when i save and close the window
Thnx a lot for the solution
Another quick thank you for posting this, at least its a quick fix.
Thanks, but I can’t seem to save it. I am admin. Doing it in Chrome.
Man! Thanks a lot. You my hero!))
Thank you
Thank you, from Chile 🙂
Thanks for this very carefully composed and thorough explanation as to how to de-fang this completely sick default setting. MS did it, but reported it as if the remote server was responsible. I’m struggling to refrain from using profanity.
Noice, very noice
Thank you.
Huge Help, Thanks
Thank you – gr8 tip
Wow, thanks so much!!
This did the trick thank you!
changes have been saved, On – Forwarding is enabled
but why are my emails still undeliverable to one specific recipient? I rebooted my computer after all the steps
have you found the solution yet ? i have the same issue with you. I hope your solution :((
i am vietnamese too :((
Super Awesome! Thanks
Now I get the error that I must enable organization customization. Frankly, I am lost! Can someone advise how to enable organization customization? thank you
Same here! Any advice please?
I am not sure if this is the right way, but I managed to adjust it by going to https://protection.office.com/permissions. Here I gave myself the role in Organization Management. Now I can adjust the forwarding error, but somehow I still get an error. But maybe I have to be a little more patient 😉
Can someone share the solution as getting the
run the command: Enable-OrganizationCustomization
thanks
John van Ooijen, can you help all of us who have done what you blogged but are getting the other error messages?
Can someone share the solution as getting the
run the command: Enable-OrganizationCustomization
thanks
If we can get all the steps for downloading the powershell to configuring after and so on, that would be helpful.
I cannot access Office 365 Security and Compliance Dashboard. How else can i fix this??
THANK YOU!!!!!!!!!!! I’ve spent forever trying to fix this!!! It worked!
I have problem after click save
Exception of type ‘Microsoft.Exchange.Management.PSDirectInvoke.DirectInvokeCmdletExecutionException’ was thrown.
This still works; some of the original words associated with some of the things to click on have varied a bit, but not enough that you can’t figure it out. The end result worked just fine.
Hello, is this tutorial work for now in 2023?
I acces the security tab but nothing show up
can u update this guide?
Thanks
Hi NAON, thanks for your reply! It has indeed moved to https://security.microsoft.com/antispam
Now this setting is in Microsoft 365 Defender instead. https://security.microsoft.com/antispam