Why do I see a bounce message when forwarding emails from Office 365 to Vtiger?

This happens because, by default, Office 365 blocks automatic email forwarding to external addresses as part of its outbound spam protection. When auto-forwarding is blocked, you’ll see a bounce message in your Office 365 inbox with an error.

The text of the bounce will include this line: 550 5.7.520 Access denied. Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555).

To resolve this, your Office 365 administrator needs to update the outbound spam policy settings. Follow the steps below to update the outbound spam policy settings:

Log in to your Office 365 Security & Compliance portal.
Go to Policies & rules on the left menu.
Select Threat policies.
Search for the Policies section and click the Anti-spam block.
Click on Anti-spam outbound policy (Default).
Scroll to click the Edit protection settings link at the bottom of the sidebar.
Go to the Forwarding Rules section.
Click the Automatic forwarding rules dropdown.
Choose On - Forwarding is enabled option.
1. Note: You will be unable to set up auto-forwarding if your user role does not have permission to configure outbound spam filters in Office 365.
  1. To add, modify, and delete outbound spam policies, you need to:
    1. Be a member of the Organization's Management or Security Administrator role groups or,
    2. Reach out to the Admin user of your Office 365 account to give you the required permission.
    3. Only the users in the above-mentioned groups can configure outbound spam filtering in EOP.
Click Save.

Once external forwarding is enabled in Office 365, your emails will successfully auto-forward to Vtiger Mailroom without being rejected.