Close this search box.
Configure Warning Messages Office 365 Emails External Sender

How to configure warning messages for Microsoft 365 emails from external senders

As a security precaution, it’s a good idea to remind your staff not to open attachments from unknown senders. One easy way to implement this in Microsoft 365 is by setting up a mail flow rule in the Exchange admin center. If you have ever set up a Disclaimer mail flow rule, the setup is almost identical. In this tutorial, we’ll cover how to setup your own warning message for all external email sent to users inside your organization.

Steps to Configure Attachment Security in Microsoft 365

1. Log in to your Microsoft 365 Admin account at:

2. On the lefthand side of the homepage, select the “Admin” app from your list of Apps:

3. On the resulting page, select “Exchange” under “Admin centers” located on the left-side menu

4. Again on the left menu, expand the dropdown menu for “Mail flow” and select “Rules”

5. On the resulting page, next hit the plus symbol under “Rules” and select “create a new rule…”


6. Fill out the “New Rule” popup window in the detailed steps 7-14:

7. Make the name, “Warning: Received from Scope Outside the Organization” or whatever best suits you or your organization’s naming convention

8. For *Apply this rule if…  Select “The sender is located…”, from the drop-down menu then choose “Outside the organization” from the resulting “select sender location” window:

9. For *Do the following… , select “Apply a disclaimer to the message…” , “append the disclaimer”.

10. Select “*Enter text…” and enter the below HTML into the “specify disclaimer text” pop-out window

[CAUTION:  This email originated from outside of the organization.  Do not click links or open attachments unless you recognize the sender and know the content is safe]

The warning will look like the following if entered correctly:

11. After entering the Text, you’ll need to specify the fallback action. (by clicking “*Select one…”). Choose Wrap, then “OK”.

12. For the “Priority level of this rule” set according to any other rules you have configured. If this is the only rule, you can set “Audit this rule with severity level to “High”.

13. For “Choose a mode for this rule” leave at the selected default “Enforce” in place.

14. Click Save.

That’s it! You should start seeing the warning on external emails within a few minutes.

If you would like to learn more about how you can protect your corporate data, please click here to contact us. Keep up with the latest cybersecurity news here. SecurIT360 provides audits, scans, and analysis of various systems and businesses across multiple industries including legal, financial, utilities, and healthcare. Let us help you determine where you should spend your time and money protecting your information.

Proactively Guard Your Business From Cybersecurity and IT Threats. Request a Free Consultation Today.