private/review/exchangeonline/mailflow/Invoke-ReviewExoTransportRuleWhitelistSpecificDomain.ps1
function Invoke-ReviewExoTransportRuleWhitelistSpecificDomain
{
    <#
    .SYNOPSIS
        Review Exchange Online transport rules for sender-domain allow-listing.
    .DESCRIPTION
        Reads every mail transport rule and collects those that carry a
        SenderDomainIs condition or that set the spam confidence level (SCL)
        to -1, the value that lets a message skip spam filtering.
        Returns a review object whose Review property is $true when at least
        one rule was collected.
    .NOTES
        Requires the following modules:
        - ExchangeOnlineManagement

        A rule is collected when EITHER test matches, and its Enabled state is
        reported in the data but not used as a filter. Triage the result on the
        SenderDomainIs and Setscl columns together: only a rule that has both a
        sender domain and SCL -1 actually bypasses filtering for that domain.
    .EXAMPLE
        Invoke-ReviewExoTransportRuleWhitelistSpecificDomain;
    #>

    [cmdletbinding()]
    param
    (
    )

    BEGIN
    {
        # Log that the rule inventory is being fetched.
        Write-Log -Category 'Exchange Online' -Subcategory 'Mail Flow' -Message 'Getting transport rules' -Level Debug;

        # Pull the complete rule set; -ResultSize Unlimited avoids a truncated inventory.
        $allRules = Get-TransportRule -ResultSize Unlimited;

        # Rules that matched one of the allow-listing indicators.
        $flaggedRules = [System.Collections.ArrayList]::new();
    }
    PROCESS
    {
        foreach ($rule in $allRules)
        {
            # Indicator 1: the rule is scoped to one or more sender domains.
            # Indicator 2: the rule sets SCL to -1 (spam filtering is skipped).
            # NOTE(review): the two indicators are OR-ed, so a rule that only blocks
            # a sender domain, or that sets SCL -1 for a non-domain condition, is
            # flagged too - confirm that this breadth is intended.
            # NOTE(review): the null test assumes an unset SenderDomainIs comes back
            # as $null and not as an empty collection - verify against the module.
            [bool]$isFlagged = ($null -ne $rule.SenderDomainIs) -or ($rule.Setscl -eq -1);

            # Nothing to record for rules that match neither indicator.
            if (-not $isFlagged)
            {
                continue;
            }

            # Log the finding.
            Write-Log -Category 'Exchange Online' -Subcategory 'Mail Flow' -Message ("Transport rule '{0}' have a whitelisted domain" -f $rule.Name) -Level Debug;

            # Keep the rule; Add() returns the new index, which is discarded.
            $null = $flaggedRules.Add($rule);
        }
    }
    END
    {
        # The review is raised as soon as a single rule was collected.
        [bool]$needsReview = $flaggedRules.Count -gt 0;

        # Build the review object handed back to the caller.
        [Review]$result = [Review]::new();
        $result.Id = '8bf19b9f-7c76-4cb6-8d9a-2a327db4d7d3';
        $result.Category = 'Microsoft Exchange Admin Center';
        $result.Subcategory = 'Mail Flow';
        $result.Title = "Ensure mail transport rules do not whitelist specific domains";

        # Only the fields needed to triage a finding are kept.
        $result.Data = $flaggedRules | Select-Object -Property Name, Priority, Enabled, Identity, SenderDomainIs, Setscl;
        $result.Review = $needsReview;

        # Print result.
        $result.PrintResult();

        # Return object.
        return $result;
    }
}