Use Hashtables to Audit Proxy Addresses Prior to Exchange Online Migration

I've recently had a customer ask me if there was a way we could get an idea of what recipient domains within their organization are being used as proxy addresses on their mailboxes in Exchange. Determining recipient domains that were in use was critical to this customer, as they would not be able to migrate mailboxes with proxy addresses that were not added as Accepted Domains in Exchange Online, as you'll see an error similar to the one below:

You can't use the domain because it's not an accepted domain for your organization.

I wasn't aware of any built-in reporting in Exchange that would do this, so once I had the requirements of what they were looking for, I went to work in PowerShell. What I found was if we were able to gather the emailAddresses field from all of the mailboxes in the on-premises organization, we could get can accurate count of the various recipient domains are in use within the on-premises Exchange environment.

My approach:

  1. Pull all of the mailboxes within Exchange On-premises (this may take a while depending on how many mailboxes you have in your organization), and place in a variable.
  2. Create an empty hashtable.
  3. Declare an "addresses" variable, which will contain all addresses within the EmailAddresses variable on the mailbox.
  4. Create a foreach loop that goes through each value specified within the "addresses" variable.
  5. Create a "pos" (position) variable that will hold the position of the "@" symbol within the SMTP address passed through the loop.
  6. Create a "suffix" variable that will return a substring of the email address (everything after the "@" symbol in the SMTP address).
  7. Add the suffix to the hashtable (if it exists).
  8. Sort the hashtable in descending order, and export to a .txt file.

If all works as expected, a txt file should be created that looks something like this:

 

 

 

 

From there, we could look at the mailboxes that have these addresses stamped on them and remove as necessary:

 Get-Mailbox -ResultSize Unlimited | ? {$_.EmailAddresses -like *@domain.com*}

Below you will find the proof-of-concept for what is described above for this process. Please note that this script should be tested prior to running in any sort of production environment.

SMTPDomains.txt

Feel free to leave a comment with any questions you may have. Happy migrating!

Comments

  • Anonymous
    June 13, 2018
    Nice blog, but isn't this a really convoluted way to basically list accepted domains for the on premise exchange?In a well maintained environment that is.
    • Anonymous
      June 13, 2018
      Kristof,Yes and no; while the majority of the domains reported in the hashtable would consist of your Accepted Domains in your on-premises organization, I have had customers' mailboxes contain proxy addresses for domains that they did not have listed as an Accepted Domain (whether a legacy namespace or otherwise). It's also relatively common for larger enterprise customers to not add all of their Accepted Domains from on-premises in Office 365 (mainly for namespace consolidation purposes, usually complemented with a UPN/PrimarySmtpAddress change), so the snapshot reporting that the hashtable provides would be useful to get a quick idea of what addresses are in use within the on-premises org. That said, this approach could be deemed redundant for some customers as you stated; it all depends on the organization.