"Creation of forwarding/redirect rule" alert policy - Include Outlook client
Currently, the "Creation of forwarding/redirect rule" alert policy in the Office 365 Security and Compliance Center seems to only trigger if the forwarding rule is created using OWA or Powershell. Would it be possible to include a(n optional) trigger for forwarding rules created via the MS Outlook client?
is this really the intended functionality? i've now wasted too much time troubleshooting and there should not be any difference between creating the rule in Outlook or OWA. the alert should trigger either way!
I would like to see this addition made as well. If someone's credentials are stolen and a forwarding rule is created in that user's account, it shouldn't matter how the rule was created. Notification needs to be made if a forwarding rule is created for anyone's corporate email account, no matter how the rule is created.