How to create rules to mark external senders

One of the easiest ways you can prevent your employees falling victim to phishing scams is to make it really clear when emails are being received from outside of your organisation.

By creating rules to mark external senders, every time an outside email is received by one of your team, a personalised warning will be added to the top of the message. This adds an extra layer of security, by helping to remind employees to not open any links or attachments, as well as preventing potentially confidential company information being shared outside of the organisation.

We’ve written a simple step-by-step guide on how to do this, for both Office 365, and Exchange servers.

Creating a rule to mark external senders in Office365

1. Log into O365 admin centre
2. Go to the exchange admin centre.
3. Click on ‘Mail Flow’ and then ‘Rules’, click ‘add Rule’ and fill in the below fields as per your requirements. We have filled in the fields in the example below, to automatically apply a disclaimer on messages sent into the organisation from outside.

4. Once filled in, click ‘Next’, then click “Enforce”. If there are any specific dates/times you want the rule live, you can edit it on this screen- otherwise, click “Next” again and then ‘Finish’.

Creating a rule to mark external senders for an Exchange server

1. Log into the exchange admin centre.
2. Click ‘Mail Flow’
3. Click ‘Create a new rule’
4. Name the rule something appropriate.
5. Click ‘Apply this rule if..’ and select ‘The sender is located’ and ‘Outside the organisation’.
6. Click ‘Do the following…’ and ‘Append the disclaimer’ and input your custom message you would like displayed.
7. If all other settings are as per the requirements, click ‘Save’ and ensure that the rule is enabled. See below screenshot of our example configuration on an exchange server.