External Email Warning helps to alert users not to click on malicious links, phishing emails sent by external senders. It plays a vital role in protecting against spam and phishing threats. For these years, administrators use a transport rule to prepend [External] in the subject line. This approach has some limitations like,
- It takes a lot of space in the subject line, which makes it difficult to preview the subject.
- Since the transport rule may not know the language of the end user, it leads to localization issues.
- Multiple External Labels: If external users keep replying to the thread, multiple [External] labels will be added in the subject.
To overcome these limitations, Microsoft introduced native external sender callouts in Outlook.
Native External Sender Identification - External Label:
To provide a native experience to identify external emails, Microsoft introduced a new "External" label. Display the External label on emails from external senders to view and verify the actual sender's email address.
Enable external labeling in Exchange Online:
External labeling is disabled by default. You can enable it through Exchange Online PowerShell.
Note: If you are using the transport rule to add an [External] tag in the subject line, we recommend that you disable it before enabling native external tagging to prevent emails from being marked as "External" twice.
To enable external labeling, follow the steps below:
Step 1: To use external labeling cmdlets, you must connect to Exchange Online PowerShell.
Step 2: Run the Set-ExternalInOutlook cmdlet as follows to turn on external labeling.
Set-ExternalInOutlook –Enabled $true
To view the external labeling settings, you can use the Get-ExternalInOutlook cmdlet.
After enabling this feature, new incoming external emails are automatically labeled with "External". It will not affect existing emails.
How to exclude certain email address or domain from external labeling:
In some situations, you do not want to add the "External" label for some external senders or external domains. In that case, you can exclude them by adding the "AllowList" parameter.
Method 1: To enter multiple entries and overwrite existing ones,
Set-ExternalInOutlook –AllowList "[email protected]", "fabrikam.com"
The above cmdlet excludes the external tag, if the sender is [email protected] or from the domain fabrikam.com.
Method 2: To add new values without affecting existing values,
Set-ExternalInOutlook –AllowList @{Add="contoso.com","[email protected]"}El comando anterior excluye el etiquetado externo para Contoso.com y [email protected] junto con los dominios mencionados anteriormente.
Para eliminar el dominio o el usuario externo de AllowList, puede usar el siguiente cmdlet.
Set-ExternalInOutlook –AllowList @{Remove="contoso.com","[email protected]"}Conclusion:
The native external labeling cmdlet is one of the most anticipated features and there is no doubt that it adds additional security to email. As an administrator, would you like to stay on the transport rule or switch to the native PowerShell cmdlet? You can share your thoughts via the comments section.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article