Default Enabling of Plus Addressing Might Affect Some Recipients

Update: Like many Microsoft 365 features, this one is delayed a tad. The latest deployment date appeares to be mid-April 2022.

In September 2020, Microsoft introduced the ability to use plus addressing in Exchange Online. Plus addressing is not a deep and dark email technique. It’s supported by consumer mail systems like Outlook.com and Gmail and many other email systems. Plus addressing means that users can send messages using their normal email address (like Chris.Bishop@Office365itpros.com) with an optional suffix separated by a plus characters. The suffix is an arbitrary tag selected by the user for whatever purpose they choose.

The biggest use of plus addressing is probably when people sign up for online services. Using a plus address allows the user to know if a service sells their address to another business. For instance, the person with the address shown above might use an address like Chris.Bishop+P365@Office365itpros.com to subscribe to the Practical 365 newsletter (Figure 1). Messages sent to the address go to the Office365itpros.com server, which strips the suffix from the message and delivers it to the mailbox with the Chris.Bishop@Office365itpros.com address. Later, if the user sees a message sent to the plus address from another source, they know that the sending domain has obtained it from the original service they signed up for.

Using a plus address to sign up for the Practical 365 newsletter
Figure 1: Using a plus address to sign up for the Practical 365 newsletter

Current Control for Plus Addressing

When Microsoft introduced plus addressing into Exchange Online, the capability was optional and controlled by the AllowPlusAddressInRecipients setting in the Exchange Online organization configuration. If $False, Exchange Online didn’t support user-initiated plus addressing and the only way to use a plus address was if an administrator created one as a proxy address for a mail-enabled recipient (mailbox, shared mailbox, Microsoft 365 group, or distribution list). In effect, when the setting is $False, Exchange Online doesn’t strip the plus segment from an address and attempts to match the complete address string against addresses in its directory.

User-initiated plus addressing means that individual users can choose the tags for plus addresses. To allow this, you need to update the AllowPlusAddressInRecipients setting to $True. Here’s how to update the setting with the Set-OrganizationConfig cmdlet:

Set-OrganizationConfig -AllowPlusAddressInRecipients $True

What’s changing now (MC276028, August 6) is that Microsoft plans to remove the optional organization setting to make plus addressing available by default in all tenants in January 2022. In other words, you won’t have to enable anything and plus addressing will be available to all users.

The reason for the five-month notice period is that enabling plus addressing throughout Exchange Online has a consequence for tenants where proxy addresses for plus addresses exist. As Microsoft says: “If you don’t stop using email addresses with plus signs (+), Exchange Online may be unable to deliver emails to them when plus addressing is turned on for the entire service.” This includes both hybrid and on-premises mailboxes.

Reporting Recipients with Proxy Addresses

Microsoft recommends that tenant administrators should remove any proxy addresses containing plus characters before January 2022 as Exchange Online will be unable to deliver email to these addresses. A quick way to find out if you’re affected is to run this code:

Get-Recipient -Filter 'emailaddresses -like "*+*"' | Format-Table Name, EmailAddresses

A more developed (aka useful) version of the command which isolates and reports the plus addresses is as follows:

[array]$Recipients = (Get-Recipient -Filter 'emailaddresses -like "*+*"' -ResultSize Unlimited | Select DisplayName, EmailAddresses, RecipientType, ExternalDirectoryObjectId)
If ($Recipients.Count -eq 0) 
   { Write-Host "You're all set - no plus addresses can be found for mail-enabled recipients"; break}
Else 
   { Write-Host ("{0} mail-enabled recipients found with plus addresses - analzying..." -f $Recipients.Count) }
   
$Report = [System.Collections.Generic.List[Object]]::new()
ForEach ($Recipient in $Recipients) {
   ForEach ($Address in $Recipient.EmailAddresses) {
      If ($Address -like "*+*") {
         $ReportLine = [PSCustomObject][Ordered]@{  # Write out details of email address
           User      = $Recipient.DisplayName
           Type      = $Recipient.RecipientType
           Address   = $Address 
           ObjectId  = $Recipient.ExternalDirectoryObjectId }
    $Report.Add($ReportLine)
      } # End if
   } # End For Address
} #End For Recipient

$Report | Out-GridView
$Report | Export-CSV -NoTypeInformation "c:\temp\PlusAddresses.csv"

The output is on-screen (Out-GridView – Figure 2) plus a CSV file that we can use to check the addresses and remove them from the recipients to prepare for the change coming in January 2022.

Reporting mail-enabled recipients with plus (proxy) addresses
Figure 2: Reporting mail-enabled recipients with plus (proxy) addresses

Removing Proxy Addresses from Recipients

The code to read and remove plus addresses from recipients is straightforward. We import the CSV file and use a Switch to call the correct command to update the recipient based on its type. As you can see, the code accommodates user mailboxes, shared mailboxes, group mailboxes, and distribution lists.

$Addresses = Import-CSV "c:\temp\PlusAddresses.csv"
ForEach ($Address in $Addresses) {
   Switch ($Address.Type) {
      { @("UserMailbox", "SharedMailbox") -contains $_ } {
       Write-Host ("Removing address {0} from {1} {2}" -f $Address.Address, $Address.Type, $Address.User)
       Set-Mailbox -Identity $Address.ObjectId -EmailAddresses @{Remove=$Address.Address} -ErrorAction SilentlyContinue }
    "GroupMailbox" {
       Write-Host ("Removing address {0} from {1} {2}" -f $Address.Address, $Address.Type, $Address.User)
       Set-UnifiedGroup -Identity $Address.ObjectId -EmailAddresses @{Remove=$Address.Address} -ErrorAction SilentlyContinue }
    "MailUniversalDistributionGroup" {
       Write-Host ("Removing address {0} from distribution list {1}" -f $Address.Address, $Address.User)
       Set-DistributionGroup -Identity $Address.ObjectId -EmailAddresses @{Remove=$Address.Address} -ErrorAction SilentlyContinue
    }
 } # End Switch
} # End ForEach
Write-Host "All done!"

After running the code to clean up the plus addresses from mail-enabled recipients, you shouldn’t notice any issues when Microsoft makes the big switch in January 2022. At least, that’s the theory!

About the Author

Tony Redmond

Tony Redmond has written thousands of articles about Microsoft technology since 1996. He is the lead author for the Office 365 for IT Pros eBook, the only book covering Office 365 that is updated monthly to keep pace with change in the cloud. Apart from contributing to Practical365.com, Tony also writes at Office365itpros.com to support the development of the eBook. He has been a Microsoft MVP since 2004.

Comments

  1. Jay

    What is your suggestion for blocking a plus address?

  2. Steve T

    We’ve activated this and I see no way to determine if the email was originally sent to a user+text address. So no – you won’t be able to tell where the address came from…

    It still has uses for aliases.

    steve

  3. Kerrie

    Hi Tony
    I assume that any legacy DNs that have a + in them will not cause issues when this is implemented, just SMTP addresses?
    Thanks
    Kerrie

    1. Avatar photo
      Tony Redmond

      I think you’re fine. I haven’t heard of any issues. Then again, I don’t have a legacy DN like that to test!

      1. Kerrie

        Thanks Tony. I do have a few legacy DNs in production but unfortunately none in our test environments.

  4. Dr. Phil

    Tony, do you know when this will be enabled?

    1. Avatar photo
      Tony Redmond

      I’m sure Microsoft will post an update when they enable plus addressing for all.

  5. Benoit Krier

    Hello,

    Hello, 

    If I correctly understood, the plus addressing is ONLY working where the MX record or the incoming entry point for email is located in Exchange online . As we still have our MX record located in our on-premise gateway and all incoming emails are still going through our Email gateways, then the PLUS addressing will not work . 

    Could you confirm this ?

    Thanks

    1. Avatar photo
      Tony Redmond

      Yep. Think about the situation. Plus addressing must be resolved by the MTA which handles inbound email. In your case, that’s an on-premises gateway. The gateway needs to be able to strip off the plus part of the address and route onwards using the remainder. If it can, you’re in luck. If not, you can’t use this feature.

      1. Avatar photo
        Tony Redmond

        I asked the engineers. Here’s what they said:

        We expect most gateways to focus on the domain and not have any problems getting the email to EXO for delivery.

        This is interesting. The issue might arise when a gateway does directory lookups to validate recipients before accepting or routing email. If they do, and a plus address isn’t resolvable by the gateway, you might have a problem which is what I alluded to in the first response.

Leave a Reply