PowerShell Script to create an Exchange Transport Rule to automatically Reject DMARC Fail emails.
!Important!
Sendmarc provides no support for PowerShell scripts and these are executed at your own risk.
Sendmarc takes no responsibility for any issues that this script might cause.
Please read through the code before executing the script.
Please copy the contents of the script below into a TXT file and rename the file to "Sendmarc Microsoft 365 DMARC Reject Enabler.ps1".
Should the script execute successfully, a log file will be created in C:\Sendmarc\ (named Sendmarc_MS365_DMARC_Fail_Exchange_Transport_Rule_Enabler_LogFile_<timestamp>.txt, where the timestamp is the date and time the script was started).
Please review this article on how to execute a PowerShell Script:
Script Objective
The objective of this script is to create a DMARC reject rule on DMARC failures using an Exchange Transport Rule.
The script will prompt you to log in to MS365; please ensure the account you log in with has access to security.microsoft.com.
Do Not Run This Script If Your Own Domains Are Not On P=REJECT
Script Contents
#SENDMARC MS365 DMARC FAIL TRANSPORT RULE ENABLER
#Author: Brian Goosen - brian@sendmarc.com
#Usage of this Script is at your own risk.
#COPYRIGHT SENDMARC
#V2.0
#Changelog
#Added Functions to drive application flow

$HostGui = $Host.UI.RawUI
$HostGui.WindowTitle = "Sendmarc MS365 DMARC Fail Exchange Transport Rule Enabler V2.0"
$HostGui.ForegroundColor = "White"

# Check if the script is running with administrative privileges
$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# If not running as admin, relaunch the script with elevated permissions.
# The script path is quoted because the recommended file name contains spaces,
# and this (non-elevated) instance exits so that only the elevated copy continues.
if (-not $isAdmin) {
    Write-Host "This script requires administrative privileges. Please run the script as an administrator." -ForegroundColor Cyan
    # Relaunch the script with elevated permissions
    Start-Process powershell.exe -Verb RunAs -ArgumentList "-File `"$($MyInvocation.MyCommand.Path)`""
    Exit
}

# Generate a timestamp for the log file name
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"

# Create a log file path
$logFolder   = "C:\Sendmarc"
$logFilePath = "$logFolder\Sendmarc_MS365_DMARC_Fail_Exchange_Transport_Rule_Enabler_LogFile_$timestamp.txt"

# Make sure the log folder exists (Start-Transcript fails if the folder is missing), then start logging
$null = New-Item -ItemType Directory -Path $logFolder -Force
Start-Transcript -Path $logFilePath

Write-Host "===============================================================" -ForegroundColor Green
Write-Host "Sendmarc MS365 DMARC Fail Exchange Transport Rule Enabler" -ForegroundColor Green
Write-Host "Author: Brian Goosen" -ForegroundColor Green
Write-Host "Email: Brian@sendmarc.com" -ForegroundColor Green
Write-Host "COPYRIGHT SENDMARC 2023" -ForegroundColor Green
Write-Host "===============================================================" -ForegroundColor Green
Write-Host "" -ForegroundColor Cyan
Write-Host "*****ONLY RUN THIS SCRIPT IF YOU ARE ON DMARC REJECT FOR ALL DOMAINS IN MS365*****" -ForegroundColor Red

function LaunchApplication {
    #Confirm Application Launch
    $title    = 'Configure MS365 DMARC Reject Transport Rule'
    $question = 'Do you want to continue?'
    $choices  = '&Yes', '&No'
    # Default choice (index 1) is "No", so pressing Enter does not run the script
    $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1)
    if ($decision -eq 0) {
        ConnecttoMS365
        GetTransportRules                 # Show the rules that exist before the change
        CreateDMARCRejectTransportRule
        GetTransportRules                 # Show the rules again so the new rule can be verified
    }
    else {
        Write-Host "Script Aborted" -ForegroundColor Red
        Exit
    }
}

function ConnecttoMS365 {
    Write-Host "Checking if ExchangeOnlineManagement is installed" -ForegroundColor Cyan
    if (-not (Get-Module -ListAvailable -Name ExchangeOnlineManagement)) {
        Write-Host "Installing ExchangeOnlineManagement PowerShell Module" -ForegroundColor Cyan
        Install-Module -Name ExchangeOnlineManagement -Force -Scope CurrentUser
    }
    else {
        Write-Host "ExchangeOnlineManagement is installed" -ForegroundColor Cyan
    }
    Write-Host "Importing ExchangeOnlineManagement" -ForegroundColor Cyan
    Import-Module ExchangeOnlineManagement
    Write-Host "Connecting to MS365" -ForegroundColor Cyan
    Write-Host "Please Log into MS365" -ForegroundColor Cyan
    # Interactive sign-in; the account needs Exchange Online administrative access
    Connect-ExchangeOnline
    Write-Host "Connected to MS365" -ForegroundColor Cyan
}

function GetTransportRules {
    # Get all transport rules
    $TransportRules = Get-TransportRule
    Write-Host "All Transport Rules:"
    # Output the rule details
    foreach ($Rule in $TransportRules) {
        Write-Host "Rule Name: $($Rule.Name)" -ForegroundColor Cyan
        Write-Host "Enabled: $($Rule.Enabled)" -ForegroundColor Cyan
        Write-Host "Conditions: $($Rule.Conditions)" -ForegroundColor Cyan
        Write-Host "Actions: $($Rule.Actions)" -ForegroundColor Cyan
        Write-Host "---------------------" -ForegroundColor Cyan
    }
}

function CreateDMARCRejectTransportRule {
    #Confirm DMARC Reject Transport Rule Creation?
    $title    = 'Create DMARC P=REJECT Transport Rule?'
    $question = 'Do you want to continue?'
    $choices  = '&Yes', '&No'
    $decision = $Host.UI.PromptForChoice($title, $question, $choices, 1)
    if ($decision -eq 0) {
        $RuleName = "Sendmarc DMARC Transport Rule P=Reject Mails Are Rejected"

        # Do not create a duplicate if the script has already been run against this tenant
        if (Get-TransportRule -Identity $RuleName -ErrorAction SilentlyContinue) {
            Write-Host "A transport rule named '$RuleName' already exists. No changes made." -ForegroundColor Yellow
            return
        }

        Write-Host ""
        Write-Host "Please Provide an Email Address to receive incident reports" -ForegroundColor Cyan
        $IncidentReportEmail = Read-Host
        if ([string]::IsNullOrWhiteSpace($IncidentReportEmail)) {
            Write-Host "No email address provided. Script Aborted" -ForegroundColor Red
            return
        }

        Write-Host "Creating New Exchange Transport Rule..." -ForegroundColor Cyan
        # Match the Authentication-Results header stamped by Exchange Online when the sender's
        # DMARC policy is p=reject and the message failed DMARC (both spellings of the action
        # value are matched), reject the message with a 5.7.1 status, and send an incident report.
        New-TransportRule -Name $RuleName `
            -HeaderContainsMessageHeader "Authentication-Results" `
            -HeaderContainsWords "dmarc=fail action=o.reject", "dmarc=fail action=oreject" `
            -RejectMessageEnhancedStatusCode "5.7.1" `
            -RejectMessageReasonText "We are rejecting this email based on the Sender domain's DMARC policy. This sender/service is not properly authorized to send on behalf of this company." `
            -GenerateIncidentReport $IncidentReportEmail
        Write-Host "Transport Rule Created" -ForegroundColor Cyan
        Write-Host ""
    }
    else {
        Write-Host "Script Aborted" -ForegroundColor Red
        return
    }
}

LaunchApplication

Write-Host ""
Write-Host "==================================================" -ForegroundColor Cyan
Write-Host "Thank you for choosing Sendmarc!" -ForegroundColor Cyan
Write-Host "==================================================" -ForegroundColor Cyan

# Stop logging
Stop-Transcript

# Display the path of the log file
Write-Host "Log file created: $logFilePath"
Write-Host "Press Enter to Close This Program" -ForegroundColor Cyan
Read-Host "..."
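The following is an added example and is not part of the Sendmarc script above. It shows two things a practitioner usually wants before enforcing a rule like this: which Authentication-Results values the rule's header condition would and would not match (checked locally against constructed sample headers, approximating the HeaderContainsWords condition with a case-insensitive substring test), and how to stage the same rule in Exchange Online in AuditAndNotify mode so that incident reports are generated without any mail being rejected, then switch it to Enforce once the reports look right. It assumes an existing Connect-ExchangeOnline session; the function names, the rule name "DMARC Reject (Staged)" and the sample header values are hypothetical choices made for this example.

```powershell
# Added example, not part of the Sendmarc script. Assumes Connect-ExchangeOnline has already run.

# The same header substrings the Sendmarc rule matches in Authentication-Results.
$DmarcRejectWords = @('dmarc=fail action=o.reject', 'dmarc=fail action=oreject')

function Test-DmarcRejectMatch {
    param([Parameter(Mandatory)][string]$AuthenticationResults)
    # Approximates the rule's HeaderContainsWords condition: case-insensitive
    # substring match of each configured phrase against the header value.
    foreach ($word in $DmarcRejectWords) {
        if ($AuthenticationResults -like "*$word*") { return $true }
    }
    return $false
}

# Constructed sample headers (not taken from real mail), labelled by the sender's DMARC outcome.
$samples = @(
    @{ Label = 'fail, p=reject';     Header = 'spf=fail (sender IP is 203.0.113.5) smtp.mailfrom=example.com; dkim=none; dmarc=fail action=oreject header.from=example.com' }
    @{ Label = 'fail, p=quarantine'; Header = 'spf=fail smtp.mailfrom=example.com; dkim=none; dmarc=fail action=quarantine header.from=example.com' }
    @{ Label = 'fail, p=none';       Header = 'spf=fail smtp.mailfrom=example.com; dkim=none; dmarc=fail action=none header.from=example.com' }
    @{ Label = 'pass';               Header = 'spf=pass smtp.mailfrom=example.com; dkim=pass; dmarc=pass action=none header.from=example.com' }
)
foreach ($sample in $samples) {
    '{0,-20} -> rule would match: {1}' -f $sample.Label, (Test-DmarcRejectMatch $sample.Header)
}
# Only the "fail, p=reject" sample matches: the rule acts solely on senders who have
# themselves asked for rejection, which is why quarantine/none failures pass through.

function New-DmarcRejectRuleStaged {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$IncidentReportTo
    )
    # Idempotent: never create a second rule with the same name.
    if (Get-TransportRule -Identity $Name -ErrorAction SilentlyContinue) {
        Write-Host "Rule '$Name' already exists; leaving it unchanged." -ForegroundColor Yellow
        return
    }
    # -Mode AuditAndNotify evaluates the rule and sends the incident report, but does
    # not perform the reject action, so the impact can be measured before enforcing.
    New-TransportRule -Name $Name `
        -HeaderContainsMessageHeader 'Authentication-Results' `
        -HeaderContainsWords $DmarcRejectWords `
        -RejectMessageEnhancedStatusCode '5.7.1' `
        -RejectMessageReasonText 'Rejected according to the sender domain DMARC policy.' `
        -GenerateIncidentReport $IncidentReportTo `
        -Mode AuditAndNotify
}

function Enable-DmarcRejectRuleEnforcement {
    param([Parameter(Mandatory)][string]$Name)
    # Switch the staged rule to Enforce once the audit incident reports look correct.
    Set-TransportRule -Identity $Name -Mode Enforce
}

# Usage (hypothetical rule name and mailbox):
# New-DmarcRejectRuleStaged -Name 'DMARC Reject (Staged)' -IncidentReportTo 'dmarc-reports@example.com'
# ... review the incident reports for a few days ...
# Enable-DmarcRejectRuleEnforcement -Name 'DMARC Reject (Staged)'
```

The staged rule is deliberately created under a separate name so it can coexist with, and be compared against, the rule the Sendmarc script creates; `Get-TransportRule` output (Mode and Actions) confirms which one is enforcing.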
Need Help?
Sendmarc does not provide any support for PowerShell scripts; they are run at your own risk.