The Exchange administrator can use a Remote Domain to control many aspects of email globally. Along with controlling the email format (HTML or RTF) used on email sent to Internet addresses, the administrator can also configure Exchange to allow (or block) Out of Office messages, automatic replies and forwards, and read or delivery receipts or non-delivery report to the domain.
The administrator can configure multiple remote domains as to allow some actions to specific domains while blocking other domains. For example, the administrator can block mail sent by rules to forward mail to Hotmail or Gmail accounts while allowing automatic forwards to a client's domain.
The remote domain feature is accessed through the Exchange Management Console Organization Configuration > Hub Transport > Remote Domains or using the following cmdlets.
To get a list of all remote domains where the parameter (TNEF, in this example) is disabled:
Get-RemoteDomain | Where {$_.TNEFEnabled -eq $false}
To create a new remote domain, enter a DomainName and a friendly name:
New-RemoteDomain -DomainName thedomain.com -Name thedomain
To enable a parameter, in this example we are enabling TNEF to the remote domain named "thedomain":
Set-RemoteDomain -Identity thedomain -TNEFEnabled $true
To disable TNEF on the default domain, use
Set-RemoteDomain -Identity Default -TNEFEnabled $false
Use PowerShell to log into Office365 Exchange
Commonly used Remote Domain Parameters
Below are the most commonly used RemoteDomain settings. As in the examples above, use the parameter and value in the cmdlet. You can use multiple parameters if necessary.
Set-RemoteDomain -Identity gmail -TNEFEnabled $false -AutoReplyEnabled $true -NDREnabled $false
For complete list, see Set-RemoteDomain (TechNet)
| Parameter | Usage | Allowed values (Default value in bold) |
|---|---|---|
| AllowedOOFType | To allow Out-of-Office notifications to outside domains | External, ExternalLegacy, None, and InternalLegacy |
| AutoForwardEnabled | To allow messages that are auto-forwarded by client e-mail applications. | $true or $false |
| AutoReplyEnabled | To allow messages that are automatic replies from client e-mail applications. | $true or $false |
| DeliveryReportEnabled | To allow delivery reports from client software in your organization to the remote domain. | $true or $false |
| IsInternal | Whether the recipients is considered an internal recipient. Use $true if this remote domain is part of your cross-premises deployment. | $true or $false |
| LineWrapSize | Set the line-wrap length for outbound messages. | An integer from 0 through 132, or unlimited |
| MeetingForwardNotificationEnabled | To enable meeting forward notifications. When a user forwards a meeting request to this domain, do you want the organizer to be notified? | $true or $false |
| NDRDiagnosticInfoEnabled | Include diagnostic information in NDRs sent to the remote domain. This may include information you do not want shared with external recipients. If you set this parameter to $false, the diagnostic information section in the NDR body as well as internal server headers from the attached original message headers are removed from the NDR. | $true or $false |
| NDREnabled | To allow non-delivery reports (NDRs) from your organization. | $true or $false |
| TNEFEnabled | Allow Transport Neutral Encapsulation Format (TNEF) message encoding on messages sent to the remote domain. Use $false to domains that do not use Outlook, to prevent winmail.dat attachments. | $true: All email uses RTF $false: TNEF encoding is not used. Task requests and Voting sent to the remote domain may not work as expected. $null: TNEF encoding for recipients is controlled by Outlook. |
| TrustedMailInboundEnabled | Treat e-mail received from this remote domain as trusted messages. $true means all incoming messages from this remote domain are considered safe and bypass content and recipient filtering. | $true or $false |
| TrustedMailOutboundEnabled | To treat the remote domain as a trusted domain. Use $true in cross-premises deployment scenarios. | $true or $false |
| UseSimpleDisplayName | Use simple display names for senders in messages sent to this domain. | $true or $false |
More Information
Set-RemoteDomain (TechNet)
We are running exchange 2010 sp3 and have a policy enforcing no OOF externally which has been set at the remote domain. Is there a way to exempt certain individuals from this, allowing them to send OOF externally?
You can allow it by domain, by adding more remote domains and/or you can use a cmdlet to block users or groups from sending externally.
Set-Mailbox -Identity John -ExternalOofOptions External
https://technet.microsoft.com/en-us/library/bb123981(v=exchg.150).aspx
Thank you for your comment.
We are using exchange 2010. If it is impossible to assign permissions for some users, is there any other way? We would like to prohibit auto-foward function for most of the users, however we need to assign permissions for very limited users.
You can create a contact in the AD for the address they want to forward to.
https://support.microsoft.com/kb/317652 (it works for all versions)
I would like to prohibit auto forward to outside of out active directry. But I also need to allow some users to use this function. It is appreciated if you could instruct me how to do it.
You'd configure the autoforward on the server as a Remote Domain but AFAIK you can't assign permissions to use it. What version of Exchange do you use?