• Dan Schultz

Prepend an External-Sender Notice

Updated: Jul 4

Phishers often masquerade as internal users. You can visually tag email from outside your org, & here’s some solid HTML code to implement that on the first try.

You accomplish this by pasting HTML code into a transport (aka "mail flow") rule that ends up looking like the figure below. (Scroll down for the code.) Note that the "Inside the organization" condition may be superfluous for your org. Check this link for more info, particularly the "UserScopeTo" and "UserScopeFrom" details.

I've read a number of forum posts from admins who've tried to configure a prepended HTML disclaimer in this way, but instead ended up with a plain text disclaimer. The goal is to provide something with some visual punch:

In addition to posts from people having trouble getting this working, I've seen a number of blog posts with HTML that just doesn't work -- I know because I tried the code myself. The code below works for me every time, just like it did the first time.

<div style="padding:2pt;border:1pt solid #9C6500;"> <div style="background-color:#FFEB9C;margin:0;"><font face="Calibri,sans-serif" size="2"><span style="font-size:11pt;background-color:#FFEB9C;"><font size="2" color="#9C6500"><span style="font-size:10pt;"><b>CAUTION:</b></span></font><font size="2" color="black"><span style="font-size:10pt;">  External Sender</span></font></span></font></div>

Check the code for extraneous line feeds etc., after you copy/paste.

Recent Posts

See All

DLP "Bypass" in O365

Quick post, this time. I've discovered recently that a Microsoft DLP policy which includes a rule to scan for credit card numbers, will "pass" an email which includes card numbers separated from corre

O365 UsageLocation & Country Codes

Recently I needed a quick script to set the two-letter O365 country codes, while my only source for the setting was the three-letter codes in a given AD forest. This presented a problem, because O365

Global Office 365 Deployment


© 2020 Dan Schultz