Enable External Email Warning Tag in Exchange Online

Sarah Lean
4 min readJul 21, 2022

With the ever increasing number of phishing emails it’s a good idea to help users easily spot emails that are sent from someone external to your organisation. You can prevent that by adding an external email warning or tag external emails using a feature within Exchange Online.

Enable an external sender warning

There are two options to enable and implement an external sender warning. I would personally recommend enabling both options.

The first option is to enable the external email tag in Exchange Online. This will enable a built-in warning between the subject and body of the email when the email is from someone outside your organisation.

The second option is a custom warning banner at the top of the email. This allows you to show a custom warning based on words in the subject or body. Enabling this feature means you can flag emails that are asking the recipient to “update your password” or similar.

Supported clients of the External Email Tag

The external tag feature is a new one, it is visible and supported by the following versions of Outlook:

  • Outlook Online
  • Outlook for Window — rollout started may 2021
  • Outlook for Mac — Version 16.47 and higher
  • Outlook Mobile App — iOS and Android — version 4.2111.0 and higher

Enable External Email Tag

The first step is to connect to Exchange Online. You will need the Exchange Online PowerShell modules installed — if you don’t have them installed check out my blog post to do that.

Connect-ExchangeOnline -userPrincipalName tony@starkindustries.com

The next step is to enable the external tagging feature in Exchange Online, the following PowerShell command will action that:

Set-ExternalInOutlook -Enabled $true

To verify the settings you can use the following PowerShell command:


Exclude domains from the external tag

Sarah Lean

Community Speaker — Lifelong Learner — Founder of the Glasgow Azure User Group