Forwarding a Email account to an Email Group in Exchange Ramifications?


We are running Exchange 2013 and I have a few users that are asking if they can have a user email forward to an email distribution group.  It seems like its possible but you need to rely on Powershell as apposed to the EAC GUI scaffolding.   But I am wondering, is this recommended?  Are there any ramifications to doing this like email routing loops or Out of Office Storms?  Ordinarily I would just change the account in question to a group, but i believe it needs to be an account for 3rd part authentication purposes.

Thanks for your insight and experience.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mohammad Ishtyaq khatriSr. EngineerCommented:

It is about the choice and the requirement why you need to do it. You have mentioned users email forward, which is in short forwarding emails received by a user that could also violate any security policies in our organization. You should first validate this approach with your security team within the organization. If this is a service account and not an actual user account I feel it should be fine.

However, you can set the forwarding with minimum efforts within the EAC console by following the below steps

1. Open EAC
2. Search for the user you need to forward --> Open Properties
3. Go to Mailbox Features --> Mail flow --> View Details
4. Check Enabled Forwarding --> Browse the group you want to sent the email to --> Check if you want to deliver the message to both the destinations
5. If the email group you are trying to forward email to is not within your exchange organization: You can skip the No. 4 and follow No. 6
6. Create a contact with the name of that group --> set the external SMTP address of that contact as that group SMTP address and now follow the step 4. again to set the forwarding. While browsing search for the contact you need to forward and that should be good to go.

Note: If the receiving group which is outside your organization and is not enabled to receive emails from outside. That group admin has to enabled that setting on their end. However, if that group is within your organization you don't need to do any of those settings on the group.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial

I agree 100% with @Mohammad Ishtyaq Khatri

In our organization as well this would be a violation of security Protocols. It all depends on the e-mail account and the "Content" that will be shared through it.

As a general rule this is frowned upon, but can be ok in "some" circumstances,

If the account is a svc account as listed above. If the account is a pooled account that many departments use then I don't see why it can't be a distribution group.

If the account is a "Users" account or "Former Employee" account this could be a problem. All depends on your company security policies and how you handle terminated users. I might before I did that check with my Security Team and or "Legal Team" to get their take on the matter. If you are utilizing a former employees account and need it in the future for litigation you are most likely not going to be able to use it if you take this approach.
CnicNVAuthor Commented:
Thanks to both of you for the feedback and detailed step by step.  

For the record, this account is a service account and is not used by an actual person per-say, it is mostly used to authenticate to, receive alerts and for testing purposes.  Was more kind of worried about some-kind of unforeseen email topology loop.  But yeah, there should never been an auto-reply put onto it lol and I will not make it a member of the same group.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.