Enable ‘Plus Addressing’ in Exchange Online to manage your Inbox

As much as we all may wish for a newer, better and more secure communication tool to replace email, it looks like the legacy Inbox-filling communication tool is going to be with us for some time. And while the underlying technology that authenticates you email accounts has been modernised to not rely on legacy protocols – including but not limited to Post Office Protocol (POP), Internet Message Access Protocol (IMAP), Exchange ActiveSync, Exchange Web Service, etc. – not a lot has been done to help people manage their inboxes. Sure, some solutions have tried, such as Google’s tagging system in Gmail, and Microsoft’s Focussed Inbox, but none of these solutions really help you achieve “inbox zero”.

I often come across people that are struggling to keep on top of emails, often with dozen (to hundreds) of folders and email rules that try to capture incoming email and help organise them into manageable chunks that can be prioritised. One constant, in this type of setup, is that it never ‘just works’: There are always messages that escape the rules and filters, especially if you are signing up to a service that doesn’t use a consistent from address. So how do you manage your Inbox in a more reliable way? Enter ‘Plus Addresses’, otherwise known as sub-addressing in some Office 365 documentation.

What is Plus Addressing?

Put simply, providing your tenant/mail administrator has enabled the feature, Plus Addresses allows you to add a suffix to your email address, which will still be delivered to your primary mailbox, but using a unique TO address that can more reliably be used for message rules and filtering. Here’s an example:

Standard SMTP address: <username>@<domainName> (i.e. boss@contoso.com)

Plus Address Version: <username>+<identifyingSuffix>@<domainName> (i.e.boss+tpsReports@contoso.com)

But Murray, isn’t a plus symbol a valid character for an email address? Why, yes it is. This is why there are usually a few steps we need to do to enable this for a tenant or email service. More on that a little later.

Now, at this point, you may be thinking that this sounds like a bit of a SPAM-magnet, and you draw a quick mental comparison between this and the old “Catch-All addresses” some email servers used to have for this purpose. Rest assured, Plus Addressing still requires that the email address contain the first part of a standard mailbox email address as well as the domain, and it’s only the “middle bit” that does the magic. If anything, Plus Addressing actually improves your email security and reduces SPAM because it provides your users a chance to use and monitor disposable addresses when signing up for newsletters and services: You can then identify any email that has been leaked, breached, sold to advertisers, and block that without tearing down an alias or implementing server blacklists to manage these rogue addresses.

Another link people often make when discussing Plus Addressing, is that it isn’t much different to creating a new email Alias. While aliases also work, if you really want to go down that path, Plus Addressing is nowhere near as heavy on the service, and acts as a user-managed, dynamic alias system From a Microsoft 365 (Exchange Online) Admin’s perspective:

  • Plus Addressing can be enabled at the tenant level, and then individual users are empowered to use the feature immediately and easily, without IT needing to create the Aliases.
  • There’s no need to worry about about future conflicts. While Aliases will create SMTPAddress values in Exchange Online that need to be managed, whereas Plus Addressing simply adds a sub-address to an existing user’s email, so the user’s primary address and domain will be intact and will make the addresses unique and easy to identify.
  • PlusAddresses don’t really require management, as they are effectively designed as throw-away/disposable addresses that really don’t add any complexity of overhead to the email system.

How is Plus Addressing enabled in Exchange Online?

Enabling Plus Addressing currently requires the use of PowerShell, via the Exchange Online Management module. Don’t worry if you’ve not done this before, I’ll cover the steps below. But first, as I mentioned earlier, there’s a more critical first step: Checking to make sure you’re not already using the plus (“+”) character in any email addresses or aliases.

The format of an email address is defined by standards set by the Internet Engineering Task Force (IETF) and the Internet Society (ISOC) – the principal technical development and standards-setting bodies for the Internet – and cover the character sets, length and other requirements for valid email addresses. The current specifications can be found in RFC 3696, 5321, 5322, and 6530, and require that ‘local part’ of the address – which is the part before the domain name – be up to 64 characters in length and consist of any combination of alphabetic characters, numbers, or any of the following ‘special’ characters:

! # $ % & ‘ * + – / = ? ^ _ ` . { | } ~

NOTE: The period character (“.”) is valid for the local part subject only if it is not the first or last character, and that there are not two or more consecutive periods.

This ultimately means that your tenant might already have a valid email address that contains a plus symbol, and this will make Plus Addressing a very problematic thing for you. To check whether you have any plus characters, we can also use PowerShell… so that’s where I’ll start.

How to get started with Exchange Online & PowerShell
In a previous post I covered the install and connection to the Exchange Online Management v2 PowerShell module that we will need in the following section. If you are unsure on how to get started, please review that post first.

Checking for any existing addresses with plus characters

Now it’s time to see whether you can even enable Plus Addressing… by checking whether you’re tenant already uses the plus character. Because an Exchange Online recipient can have multiple Aliases and configurations, it’s important that we look at all addresses in use and not just the primary email address for the account. Like above, this can achieved using PowerShell.

  1. Open PowerShell and connect to Exchange Online as your Global or Exchange Administrator account.
  2. Issue the following command to search all primary and alias addresses, and return any mailbox users that you will need to review:

    Get-Recipient -Filter “emailaddresses -like ‘*+*‘” | Select-Object Name, DisplayName
  3. If no rows are returned, you don’t have any addresses with plus characters and may continue to the section below about enable Plus Addressing. If rows are returned, you must review the accounts and determine whether it’s possible to remove the plus character. You can quickly review the emails in use with the command below for each recipient returned:

    Get-Recipient -Identity <recipient> | Select-Object -ExpandProperty EmailAddresses

    NOTE: While it is possible to return only the impacted address, and to perform the above action as a loop to make life easier, these are beyond the scope of this blog (I might cover them in a later post).

IMPORTANT: Whether or not you find addresses with plus characters, please note that the change to enable Plus Addressing is still available. No errors are produced when you enable the setting, and you may continue to create new email addresses and aliases using plus characters after the change is made. This is not advisable however, and if you intend to use Plus Addressing, it is advised that you find a way to remove and prevent new emails being created with the plus character.

Enabling Plus Addressing via PowerShell

We’re finally at the good part, let’s enable Plus Addressing.

  1. In your existing PowerShell window – or a new one if you closed it after the previous step – enter the following command to check the current value of the policy setting:

    Get-OrganizationConfig | Format-List AllowPlusAddressInRecipients
  2. If the returned value is ‘True’, you already have Plus Addressing enabled… congratulations. If the returned value is ‘False’, enter the following command to change the policy:

    Set-OrganizationConfig -AllowPlusAddressInRecipients $True
  3. There’s no output from the set command, so issue the same command as in step one to verify the value is correct. If the value now says ‘True’, that’s it… Plus Addressing is enabled. You and your users should now be able to use the feature.

What’s next?

As stated above, the great thing about Plus Addressing is that it empowers users to manage their inboxes, without adding overhead for IT admins or the Exchange Online environment. Once enabled, users will still have email delivered to their mailbox as normal, but the message header will have the custom TO value, and this becomes incredibly easy to use with an email rule that, for example, marks the message read and/or moves it into a folder. This is just another technique that can be used to manage the flood of emails we all receive, and provides a very easy way to sign up for products, services, newsletters and competitions with a ‘disposable’ email that can be managed and monitored.

Better still, if an email ever gets leaked, breached, or disclosed, it becomes trivial to block it (as I have pre-emptively done for this example email address). Moreover, it allows you to see exactly who was the source of the email, which allows you to hunt down a potential security issue. All round, Plus Addressing is a powerful email management solution that I think more tenants should consider enabling.

Comments are closed.

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: