• Blog
  • DNS toolbox
  • French
  • Offers
  • Linkedin
  • FAQ
  • …  
    • Blog
    • DNS toolbox
    • French
    • Offers
    • Linkedin
    • FAQ
broken image
broken image
broken image

 

  • Blog
  • DNS toolbox
  • French
  • Offers
  • Linkedin
  • FAQ
  • …  
    • Blog
    • DNS toolbox
    • French
    • Offers
    • Linkedin
    • FAQ
Request a Free Trial
  • Blog
  • DNS toolbox
  • French
  • Offers
  • Linkedin
  • FAQ
  • …  
    • Blog
    • DNS toolbox
    • French
    • Offers
    • Linkedin
    • FAQ
broken image
broken image
broken image

 

  • Blog
  • DNS toolbox
  • French
  • Offers
  • Linkedin
  • FAQ
  • …  
    • Blog
    • DNS toolbox
    • French
    • Offers
    • Linkedin
    • FAQ
Request a Free Trial
broken image

How do you inform your M365 users that an email is coming from the outside?

Add External Email Warning and Tag to Office 365 and Outlook

The Outlook "External" warning

Preventing phishing attacks from doing damage is costly for businesses. According to a study by Osterman Research, phishing-related activities consume one-third of the total time of IT and security teams and cost companies anywhere from $2.84 to $85.33 per phishing email.

Most of these attacks come from outside your organization.

To help your users identify emails from outside your organization, it is now possible to enable an option in Microsoft Exchange Online that adds the following warning to external email headers: "External". This warning encourages caution and can reduce the number of users who open phishing emails.

Version Windows Outlook :

broken image
broken image

Version mobile d’Outlook :

broken image

Version web d’Outlook :

broken image
broken image

How to set External email warning to Microsoft 365 and Outlook ?

1 Connect to Exchange Online

broken image

2 Enable external tagging

broken image

3 Check for proper activation by typing this command

broken image

4 Add or remove domains from the whitelist

You can whitelist domains so that emails sent on behalf of these domains are no longer marked as "external":

broken image

You can also remove domains from this list :

broken image

You can check the status of this whitelist by typing this command:

broken image

Please note that domains already accepted and configured in M365 are already whitelisted.

broken image

Therefore, an e-mail spoofing your actual e-mail domain name, sent from outside your organization (and thus possibly sent by a hacker), will not be marked as "external" by Outlook, which can pose a risk:

broken image

To avoid this situation and prevent fraudsters from misusing your domain, we recommend that you set DMARC to "Quarantine/Reject" mode on your email domain and create a transport rule like this one:

broken image

And to add "Spoofed e-mail" in the subject line of e-mails that fail their DMARC compliance checks :

broken image

This transport rule will warn your users that the email concerned has not passed DMARC compliance checks and therefore the sender may not be the person specified in the "header from" fields:

broken image
Arm your users against targeted phishing using the email addresses of your employees/customers/vendors/etc
Previous
Arm your users against targeted phishing using the email...
Next
What happens in M365 when an email is not DMARC compliant ?
 Return to site
Profile picture
Cancel
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save