How to prevent Outlook from adding signatures

Problem:

After installing centrally managed signature adding software (such as CodeTwo Exchange Rules or CodeTwo Email Signatures for Office 365), you might need to disable personal signatures added in Outlook. If you are not able to get all users to manually remove their Outlook signatures, some users may end up having two different signatures: one made by Outlook and another added by the signature adding software operating server-side.

Solution:

To turn of Outlook signatures centrally, you can use a Group Policy Object (GPO). Click the links below to learn more.

Before you proceed

Your users need to be logged on to a domain to which you have full administrative access, because they have to be subjected to your GPO policies for this solution to work. Organizations working with Exchange Online (Office 365) can also apply this solution if their users are connected to the on-premises Active Directory or Azure AD to which you have full administrative access.

The provided solution requires a Security Group containing all users who should not have their signatures set up by Microsoft Outlook. If you do not have such a Security Group (e.g. Users with no signature - see Fig. 1.), create a new one directly under your domain.

52-13
Fig. 1. A Security Group with users who should not receive a signature.

Downloading policy definitions (ADM/ADMX files)

If you don't have the Administrative Template policy settings (ADM or ADMX) file for the Outlook version used in your organization, you need to download it:

The next steps depend on your environment. Use the links below for guidelines.

Creating a new GPO in Windows Server 2008 / Windows Server 2012 / Windows Server 2016

Important

Both the ADMX and ADML files are necessary to complete the installation. For more information on these files, see this Microsoft article.

  1. To install policy definitions in Windows Server 2008 and newer, open the location of the downloaded ADM/ADMX files.
  2. Open the ADMX folder and copy all the .admx files to the following directory:
%SystemRoot%\PolicyDefinitions
  1. The ADML files are a significant part of the policy definition and need to be installed along with the ADMX files. If you open the PolicyDefinitions folder (see step 2) you can see at least one directory with the name that corresponds to your system's locale, e.g. en-US. Inside the downloaded policy settings package, in the ADMX folder there are several subfolders with similar locale-related names. In order to complete the installation of the policies, you need to:
    • Ensure that you have opened the PolicyDefinitions folder and the ADM/ADMX files' download location (Fig. 2.).
    • Find out which directories with language-based names exist both in the PolicyDefinitions folder and in the download location.
    • In the download location, copy the folders whose names can also be found in the PolicyDefinitions folder.
    • Paste the copied folders into the PolicyDefinitions folder (see Fig. 2.).

X-3
Fig. 2. Copying files to PolicyDefinitions.

Before you proceed further, ensure that you have a relevant Security Group containing all users who should not receive signatures added by Microsoft Outlook.

  1. Now you need to create a new Group Policy Object. Open the Group Policy Management Editor by launching gpmc.msc from the Windows Start menu.
  2. In the left pane, right-click on your domain (e.g. domain103.lab) and select Create a GPO in this domain, and Link it here.
  3. Name your new GPO (e.g. No signatures) and click OK.
  4. Select the newly created object to open it.
  5. On the Scope tab, remove Authenticated Users from the Security Filtering pane.
  6. In the same pane, add the Security Group that you created earlier (e.g. Users with no signature), as shown in Fig. 3.

52-11
Fig. 3. Setting up a new GPO object.

  1. Finally, right-click on the GPO in the right pane and select Edit from the shortcut menu. In the window that appears, navigate to User Configuration > Policies > Administrative Templates (or Classic Administrative Templates) > Microsoft Outlook [2010] (the number depends on your Outlook version) and Outlook Options, then Mail Format (Fig. 4.).  

52-12
Fig. 4. The location of the enabled policy.

  1. In the right pane you will see the Do not allow signatures for e-mail messages option. Enable it, as shown in Fig. 4.

All users have to log out and then log in for the changes to be applied. Moreover, you can manually force the policy update by running gpupdate /force. Keep in mind that these changes do not take effect immediately because the time of this process depends on your environment's configuration.

Creating a new GPO in Windows Server 2003 / SBS 2003

Before you follow the guidelines below, please ensure that you have a relevant Security Group containing all users who should not receive any signatures created by Microsoft Outlook.

  1. Open Active Directory Users and Computers.
  2. Right-click on your domain.
  3. Choose the Properties, Group Policy tab and click the Open button. The Group Policy Management opens.
  4. Right-click on your domain (e.g. sbs2003.local) and from the shortcut menu select Create and Link a GPO Here.
  5. Name your new Group Policy Object.
  6. Select the newly created GPO in the left pane and ensure that you have opened the Scope tab. 
  7. In the Security Filtering pane add the Security Group you prepared earlier and then remove Authenticated Users from the list.
  8. Once it is done, right-click on your GPO in the left pane, then select Edit.
  9. Group Policy Object Editor shows up. Expand Administrative Templates. To install the previously downloaded policy definitions, right-click on Administrative Templates and select Add/Remove Templates. A new window appears (Fig. 5.).

52-14
Fig. 5. Additional administrative templates.

  1. Click the Add button and find the location where you downloaded the policy definitions. Open the ADM folder, then open the subfolder whose name corresponds to your system locale (e.g. en-us), select all the ADM files inside it, and click Open.
  2. New entries should appear on the Current Policy Templates list. Click Close to exit the Add/Remove Templates window.
  3. Now you are able to set policies to remove current signatures in Microsoft Outlook. To do so, please expand the Administrative Templates and select Microsoft Office Outlook XXXX (where XXXX stands for the version of the installed Office templates). In figures 6. and 7. you can see where the policies reponsible for disabling Outlook signatures are located in Office 2003 and Office 2007.

52-1
Fig. 6. Disabling signatures added by Outlook 2007, using Exchange Server.

52-2
Fig. 7. Disabling signatures added by Outlook 2003, using Exchange Server.

  1. To stop adding Outlook signatures to messages, set the options highlighted in Fig. 6. and 7. (depending on your Outlook version) to Enabled. Additionally for Outlook 2003, make sure that both options (Disable signatures for new messages and Disable signatures for replies and forwards - see Fig. 7.) are configured as shown in Fig. 8.

How set up disabling signatures from Otlook 2003.
Fig. 8. Additional configuration for Outlook 2003 in Exchange Server.

  1. All users have to log out and then log in for the changes to be applied. Moreover, you can manually force the policy update by running gpupdate /force.

These changes do not take effect immediately - the deployment time depends on the configuration of your environment.

See also: