Share on facebook
Share on twitter
Share on email
Share on linkedin
brown-framed-light-bulb-745708 (1)-min

How to configure warning messages for Office 365 emails from external senders

As a security precaution, it’s a good idea to remind your staff not to open attachments from unknown senders. One easy way to implement this in Office 365 is by setting up a mail flow rule in the Exchange admin center. If you have ever set up a Disclaimer mail flow rule, the setup is almost identical. In this tutorial, we’ll cover how to setup your own warning message for all external email sent to users inside your organization.

Steps to Configure Attachment Security in Office365

1. Log in to your Office 365 Admin account at: https://portal.office.com

2. Select Admin from your list of Apps

3. Select Admin centers > Exchange (located on the left-side menu)

4. Select mail flow (left side menu)

5. Select the  + icon > Create a new rule…

6. Create a name (Ex: External message warning)

7. For *Apply this rule if…  Select “The sender is located…”, then choose “Outside the organization”.

8. Select “More options…” at the bottom of the new rule window

9. Select “Add condition” > “The recipient is..” > “External/Internal” > then choose “Inside the Organization”.

10. For *Do the following… , select “Apply a disclaimer to the message…” , “prepend a disclaimer”.

11. Select *Enter text…

12. Enter the message you want to prepend to inbound external emails. We recommend keeping it short. If you make it too long, you will get complaints because the users cannot see the preview. Feel free to copy and paste the HTML below for a formatted message like this:


13. After entering the Text, you’ll need to specify the fall back action. (by clicking “*Select one…”). Choose Wrap, then “OK”.

14. Scroll down and set the Priority level according to any other rules you have configured. If this is the only rule, you can set this to “0”.

15. Click Save

That’s it! You should start seeing the warning on external emails within a few minutes.

If you would like to learn more about how you can protect your corporate data, please click here to contact us.  Find out more about our Managed Detection and Response Services.  SecurIT360 provides audits, scans, and analysis of various systems and businesses across multiple industries including legal, financial, utilities, and healthcare.  Let us help you determine where you should spend your time and money protecting your information.

Proactively Guard Your Business From Cyber Security and IT Threats. Request a Free Consultation Today.