Security is the number one priority for most mature IT Service Providers. Microsoft is no exception. An often overlooked configuration parameter within Exchange Online is the External E-mail Warning. By enabling this option, all of your tenant users will be notified when a specific e-mail origins from external.
This; combined with SPF, DKIM & DMARC create a robust security layer to protect your organisation against potential e-mail thread.
While you could also work with transport rules to set a banner in the content of a mail, this post focuses on the built-in capabilities of Exchange Online.
After connecting to Exchange Online you can execute the following command to enable this option in your tenant:
Set-ExternalInOutlook -Enabled $true
Note that it can take up to 24 hours for the configuration to be effective, and only new messages will be tagged as such. This configuration does not impact any messages that were received prior to the change.
If you want to prevent the message to appear for certain smtp domains or addresses, the following command can be used:
Set-ExternalInOutlook -AllowList jentech.be,contoso.com
Although this feature works as documented, I would very much love to see integration with user’s white list. In that approach, the warning would only pop-up in case the sender is not in the organization wide allow list, or on the white ilst of the specific mailbox.