Spoofing and phishing, these two words seem to have drawn special attention recently. In the light of that, organizations are looking for ways to protect their data against cyberattacks by deploying different security solutions and by educating users. But still, some attacks are successful. Mainly because end users are tricked to click bad links or open infected attachments. That is why admins search for ways to help end users pay greater attention to emails they receive, especially those coming from external domains. One method is by adding a warning message to incoming emails.
Emails coming from external domains run a risk of being spoofed. And spoofed emails run a risk for organizations of being compromised. To reduce the risk, you can stamp incoming emails with a warning message added at the top of the email body. If you have CodeTwo Exchange Rules Pro on board, you can use a guide below to set up a rule that does the trick. The result will be like this:
Then, when replying to such emails, the program will remove the warning message from the email body so that the external recipient cannot see the warning message. The result will be like this:
Note: If you are not a user of CodeTwo Exchange Rules Pro, you can download a free trial version from this website. The configuration is quick so within just a few clicks you have the program up-and-running to see this feature in action. CodeTwo Exchange Rules Pro supports all on-premises Exchange editions from Exchange 2019 through Exchange 2007.
How to add a warning message using CodeTwo Exchange Rules Pro
To configure the program to add a warning message to the header of incoming emails, follow the steps below:
- Open Administration Panel of the program and click the Add button to create a New rule.
- In the General tab, provide a name for the rule.
- In the Conditions tab, use the plus button (+) to add conditions that will trigger the rule if met:
- Sender > is > external
- Or > Message direction > is > incoming
- (Optional) In the Exceptions tab, you can also add a condition:
- Message type > is > reply or forward (this way you will double-ensure that replies and forwards will not get the warning message).
- Then, in the Actions tab, click the Add button and select the Insert disclaimer action.
- Now, click the Edit button to open the Editor.
- In the Editor in the Email layout group, highlight the Header section.
- In the Header section of the email template, provide the text of your warning message and click Save. Close the Editor.
Note: The warning message added by the program cannot contain links or be formatted in other way (bold, italics, etc.) if you want to have it removed from replies and forwards (only unformatted text is supported).
- In the Administration Panel, click Submit changes to apply this rule in the production Exchange environment.
Note: If you prefer to test this settings with only your email address before deploying it company-wide, you can narrow down the conditions that trigger the rule by adding the operator And with a condition like e.g. Recipient > matches email address > <here provide your email address>.
- Now, send a test message. Here is an example of an email with the warning message added to its header:
This message will appear in all emails that come from outside of the organization. However, when replying externally to trusted emails, this message should disappear. CodeTwo Exchange Rules Pro also lets you remove the warning message from replies so that external recipients cannot see the internal warning text.
How to remove a warning message from replies using CodeTwo Exchange Rules Pro
When replying to external emails, you want to remove the internal warning message so that the recipient (original sender) cannot see it. Adding warning messages is becoming a common practice but still it seems unprofessional or at least weird from the recipient’s perspective to get to know that their emails are considered malicious.
To remove a warning message from replies by using CodeTwo Exchange Rules Pro, follow the steps below:
- In the Administration Panel, add a New rule and name it, for example “Remove the warning message from replies”.
- In the Conditions tab, add the following conditions:
- Message type > is > reply or forward
- And > Body > contains keywords > <here click Edit to provide your text>
- In the Edit keyword window, click Add to provide the text of your warning message. Make sure the text matches the text of the warning message added to emails. Enable the Remove this keyword/phrase from email if found option. Click OK.
- In the Actions tab, click the Add button and select the Remove keyword action.
- Now, in the Action definition – Remove keywords section, click Add.
- In the following window, provide the text of your warning message that you want to remove from replies from the body.
- In the Administration Panel, click Submit changes to deploy this rule in the production Exchange.
- Send a test message from outside of your organization to yourself and respond. The result should be like this:
This functionality is just one example of how you can use CodeTwo Exchange Rules Pro. For more ideas, see this comparison or visit the links below.
See also:
This feature is only available from PRO Version?
You can add a warning message using regular CodeTwo Exchange Rules, but the remove keywords option is available only in the Pro version.
Hello, i created the rule with header but in messages preview on the Owa and Outllok client see only the External Sender Warning Message and the users can’t see preview infromation on mesagges and it’s a huge problem. Could you help me to fix it?
Hello Dmytro,
That’s how this method works – there’s no way to add the warning message and still see the email body preview under the email’s subject. As an alternative, you can configure Mail Tips for external messages, as described in this article.
External Message. Think before you click!
Hello, in the same way, I followed the instructions accurately, but the warning is not deleted on the response or transfer even with just text (the warning and keywords to delete match).
Exchange Rules Pro V2.13
Does the disclaimer include any additional HTML tags, like <font> or <a>? Unfortunately, when it comes to keyword removal, only unformatted text is completely supported at the moment.
Hi, I followed these instructions but the disclaimer is not removed on reply and forward. Can that be because I used a text highlight color?
Unfortunately, at the moment, only unformatted text is supported. Also, you need to make sure the disclaimer and the keyword to be removed match, and that the rule which removes keywords is actually processed. You can set the rule to be the first one on the list, go to options and make sure that even if the rule is applied, next rules should be processed as well. Learn more about creating rules