With the ever increasing number of phishing emails it’s a good idea to help users easily spot emails that are sent from someone external to your organisation. You can prevent that by adding an external email warning or tag external emails using a feature within Exchange Online.
Enable an external sender warning
There are two options to enable and implement an external sender warning. I would personally recommend enabling both options.
The first option is to enable the external email tag in Exchange Online. This will enable a built-in warning between the subject and body of the email when the email is from someone outside your organisation.
The second option is a custom warning banner at the top of the email. This allows you to show a custom warning based on words in the subject or body. Enabling this feature means you can flag emails that are asking the recipient to “update your password” or similar.
Supported clients of the External Email Tag
The external tag feature is a new one, it is visible and supported by the following versions of Outlook:
- Outlook Online
- Outlook for Window — rollout started may 2021
- Outlook for Mac — Version 16.47 and higher
- Outlook Mobile App — iOS and Android — version 4.2111.0 and higher
Enable External Email Tag
The first step is to connect to Exchange Online. You will need the Exchange Online PowerShell modules installed — if you don’t have them installed check out my blog post to do that.
Connect-ExchangeOnline -userPrincipalName email@example.com
The next step is to enable the external tagging feature in Exchange Online, the following PowerShell command will action that:
Set-ExternalInOutlook -Enabled $true
To verify the settings you can use the following PowerShell command: