You might have read my previous post about How to Block External Forwarding in Exchange Online
Where we ended at à
“If you want to cover powerautomate as well then use transport rule as well as security and compliance method”
In this small post we will cover the steps to be taken in case you want to block the External Email from PowerAutomate.
First Create a group and add those accounts from which you want PowerAutomate to be able to send external emails.
Next Step is to create Exchange online transport rule as that is the only way you will be able to implement this requirement.
To block it you want to know the Header PowerAutomate is setting on emails so just send one external email from it by creating a simple flow:
Note: this is just illustration for knowledge only, it will be same for your environment as well.
After that just generate it by clicking test now in edit mode, after that you can turn off the flow.
Now go to your external email account and grab the headers, analyze it with https://mxtoolbox.com/EmailHeaders.aspx or any other message header analyzer.
You will find the below string which we will be using to block external emails from flow.
Let us now create the Rule:
As an Exchange Administrator log on to url : https://outlook.office365.com/ecp
Hit à Mail Flow
Click + icon and start creating the New Transport Rule: Stop Auto forwarding from PowerAutomate
Apply this rule if àThe sender id located inside the Organization
The recipient is located Outside the Organization
A message Header includes x-ms-mail-application header includes Power Automate
Action: Reject the message with the explanation
à Auto forwarding to external user through PowerAutomate is not allowed
Except if: The sender is member of : PowerAutomate-Exception group
Once this is setup, Email to external world from PowerAutomate will be rejected.
I hope this blogpost will assist you setting up the block on PowerAutomate external email if your organization is looking for implementing it.
Thanks for reading …