Hello,

We recently deployed Exchange 2013 CU7 and a mix of Outlook 2010 and 2013 clients.

Some users are requesting the ability to set up a rule so that they can forward emails received

on their Outlook client to their external email addresses, for example, at Yahoo, Gmail, Comcast, etc.

By default, Exchange turns off this feature, but it can be turned on globally for all users. 

Are there any security risks if I turn this feature on and allow users to setup forwarding rules.

What are the implications, and why should I NOT turn this on?

Right now, I do selective forwarding via Exchange ECP.

Thank you.

Kim

kwindancer@excite.com

In my opinion it's a terrible practice to allow this for many reasons, including inadvertent release of proprietary information and potential mail loops.  But more importantly, it simply isn't needed.  You should publish your Exchange server properly to the Internet so that they can get access to information without having to use third-party e-mail systems.