As a security precaution, it’s a good idea to remind your staff not to open attachments from unknown senders. One easy way to implement this in Microsoft 365 is by setting up a mail flow rule in the Exchange admin center. If you have ever set up a Disclaimer mail flow rule, the setup is almost identical. In this tutorial, we’ll cover how to setup your own warning message for all external email sent to users inside your organization.
Steps to Configure Attachment Security in Microsoft 365
1. Log in to your Microsoft 365 Admin account at: https://portal.office.com
2. On the lefthand side of the homepage, select the “Admin” app from your list of Apps:
3. On the resulting page, select “Exchange” under “Admin centers” located on the left-side menu
4. Again on the left menu, expand the dropdown menu for “Mail flow” and select “Rules”
5. On the resulting page, next hit the plus symbol under “Rules” and select “create a new rule…”
6. Fill out the “New Rule” popup window in the detailed steps 7-14:
7. Make the name, “Warning: Received from Scope Outside the Organization” or whatever best suits you or your organization’s naming convention
8. For *Apply this rule if… Select “The sender is located…”, from the drop-down menu then choose “Outside the organization” from the resulting “select sender location” window:
9. For *Do the following… , select “Apply a disclaimer to the message…” , “append the disclaimer”.
10. Select “*Enter text…” and enter the below HTML into the “specify disclaimer text” pop-out window