Today we’re going to setup two types of external email warnings. The first is setup natively for use with Microsoft Outlook, and the second is through Exchange’s mail flow.
Step 1: Native External Banner
- Open up a PowerShell window
- Connect to Exchange Online with the desired tenant’s Global Admin Account using the command below
Connect-ExchangeOnline -UserPrincipalName GlobalAdmin@domain.com - Enable the External Outlook Banner using the command below
Set-ExternalInOutlook -Enabled $true - Optionally you can add parent/sister domains so they don’t get flagged. Use the command below for each domain.
Set-ExternalInOutlook -AllowList @{Add="EXAMPLEDOMAIN.com"}
This is the end result, this ONLY works within Outlook web and Outlook desktop client, please also add Method 2 as well to cover non Outlook devices.
Step 2: Mail Flow Banner
- As the Global Admin Account, navigate to Exchange Admin Center at https://admin.exchange.microsoft.com/
- Navigate to Mail flow > Rules
- Add a new rule and name it External Email Banner
- For Apply this rule if: Select is External/Internal and select EXTERNAL
- For Do the following: Apply a disclaimer to the message and select Prepend a disclaimer
- Enter in the following for the text
<div id=โfooterโ style=โbackground-color: #ffeb9c; width: 100%; border: 1px solid #FFEB9C; padding: 2pt; border-style: solid; border-color: #9C6500;โ> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div> - For select one if the disclaimer can’t be inserted, select Wrap
- For Except if: Select The sender domain is and then insert the parent domain and the sister domains as necessary
- Click Next and for rule mode select Enforce. You can leave Severity as not specified and click Next.
- Click Finish
- Click on the rule you created and click Enable
The end result looks like this, and is supported on multiple device types outside of Outlook
