Exchange Online finally has plus addressing!
During the virtual Microsoft Ignite 2020, the Exchange Product Group announced the general availability of plus address support in Exchange Online. This has been a long request feature; I blogged about this in 2014 and Microsoft already announced it during Microsoft Ignite 2019. But now it's here!
Considering enabling Plus Addressing
And if your re-read my 2014 post, you might read that I was a bit skeptical whether organizations would enable this. It is still certainly a feature that would require some forethought. However, my opinion has change over the years. It can limit the amount of alias addresses a mailbox would need.
I checked how the end user experience is and for one the recipient does see the Plus Address that was used to send that mail. This means that Outlook rules can be triggered by the + suffix, which should be logical. Also, the To: field shows the added plus suffix in Outlook (desktop, web and Mobile).
I examined the headers of this test mail and the To: field has the plus address, which is logical and kind of the purpose of plus addressing: you want to know how your address was found. Do note that there is matching with the displayname in your Global Address List and such. It also means that specific services that rely on exact matching of the SMTP address, might not work as intended (Office 365 Message Encryption, S/MIME come to mind). Take that into account as well before deploying and informing your users.
Unfortunately, I couldn't test plus addressing in an Exchange Hybrid setup (I must repair my lab 😑) and check how on-premises mailboxes would react. There is no formal on-premises support for Plus Addressing, it is therefore possible that on-premises mailboxes might behave differently than cloud mailboxes. When I figure this out, I'll update this blog.
Also, it does not hide the normal mail address of a recipient. If your goal is to limit leaking mail addresses when signing up for other services for instance, this feature won't protect you when the normal address is easily deduced by stripping the plus suffix. You could mitigate this by giving your users a bland alias that they could use with plus addressing.
Enabling Plus Addressing
Be sure that no mail addresses in your environment already have a + in it. It is a legal character in email addresses and it could stand in the way when you want to use this feature. You can find them with this one-liner which should list all recipient object with a + in its mail address:
Get-Recipient | Where {$_.EmailAddresses -like "*+*"}
You should check your on-premises environment as well. Better to be thorough now. Enabling the feature is tenant wide:
Set-OrganizationConfig -AllowPlusAddressInRecipients $true
It might take a while to activate, but in my case a test was successful after a few minutes.
Have you enabled it? Or did you run into problems in your environment? Let me know in the comments!
One comment