How to prevent Office 365 users from sending emails outside the organization?

There might be situations when it’s necessary to block the mail flow outside an organization for specific users or user groups. Let’s find out how you can use Exchange Online mail flow rules to prevent Office 365 users from sending emails to external recipients.

Block users from sending emails outside your Office 365 organization.

Block emails sent outside your Office 365 organization

To restrict all (or specific) users to sending only internal emails and block their emails when they’re sent to external recipients, follow the steps below:

  1. Log in to your Office 365 portal, then go to the Microsoft 365 admin center by clicking the Admin app.
    Admin app in Office 365
  2. In the Admin centers section, click Exchange.
    Admins centers - Exchange
  3. Then, in the Exchange admin center, click mail flow and then rules. Using the plus icon, add a new rule.
    Create a new rule in Exchange admin center
  4. In the new rule window, under the Apply this rule if section, select The recipient is located > Outside the organization.
    The recipient is located outside the organization
  5. If you don’t want the rule to apply to all users, you can add another condition that narrows down its scope. To do so, click More options at the bottom of the window, and then click the add condition button (the button shows up once you have enabled more options). You can, for example, add a selected user group so that only its members won’t be allowed to send emails outside the organization.
    The sender is a member of a AD group
  6. In the Do the following section, select Block the message > reject the message and include an explanation.
    Block the message and include explanation
  7. Provide a short explanation that says why the email is blocked. Users will get this explanation along with an NDR message after trying to send an email outside the organization. You can also choose not to notify anyone and simply delete the message (by selecting the delete the message without notifying anyone option).
    Reject the message with the explanation
  8. Save the changes to the rule and test whether it works as expected. Note that it may take up to 30 minutes before the changes to the rule take effect.
    NDR message

That’s it. Now, if the users included in this rule try to send emails outside the Office 365 organization, these messages will be rejected, and the senders will get the notification that their email was blocked.

What about on-premises environments?

If you’re still on an on-premises infrastructure and you’re looking for a similar solution that works with Exchange Server, try CodeTwo Exchange Rules Pro. This program works in on-premises and hybrid environments, and offers a wide range of email rule configuration settings that are not available natively in Exchange.

See also:

One thought on “How to prevent Office 365 users from sending emails outside the organization?

  1. Thanks…
    I Will test
    It is a wonderful idea… I done via restrictions and outbound spam policies but rule is better

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>