Exchange Online: Tagging External Email Feature
Phishing is a problem. One indicator that makes it easier for users to spot phishing emails is a clear indication when an email comes from external. External email tagging has been available on Exchange Online for some time. This article describes short and briefly how to activate External email tagging in Exchange Online.
External email tagging means that messages received from external domains are marked as "external" by Exchange. The administrator has the possibility to determine which domains are set apart as internal.
Activating External Email Tagging
External tagging is disabled by default. To enable it follow the following steps:
in Powershell: make sure the ExchangeOnlineManagement Module is installed. if not alredy avaiable you can install it using:
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.0.0
than connect to your Exchange Online Instance:
ExchangeOnlineManagement
and issue:
Set-ExternalInOutlook -AllowList "microsoft.com" -Enabled $True
The -AllowList holds the list of domains or email-adresses you trust and therefore will not receive the External tag. The AllowList uses the 5322.From address format.
activation period
Be aware that after an admin has enabled this setting, it can take up to 48 hours for users to see the External icon in messages from external senders.
check status of External Email Tagging
If you are unsure whether External Email Tagging is active or not (yet), you can check this as follows. Also the AllowedList is displayed with this command
Get-ExternalInOutlook
Identity Enabled AllowList
-------- ------- ---------
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx True {microsoft.com}