1. Home
  2. Knowledge Base
  3. Office 365
  4. FAQ: “External” tag mail-tip in Office 365

FAQ: “External” tag mail-tip in Office 365

What is the External tagging mail-tip?

External Tagging means that messages received from any domain except those registered for your Office 365 organization are marked by Exchange Online as “external” when they pass through the transport service on their way to user mailboxes.

  • Note: The external tag is not displayed for messages received from external senders and forwarded by a tenant user.
  • Protected (encrypted) messages are not affected as the tag doesn’t affect message content.
    • Example (Outlook Desktop):

    • Example (Outlook Mobile):

How does it impact the user experience?

  • Displays a alert at the top of the email showcasing the sender was from outside your organization’s domain.
  • Images are automatically downloaded on internal email and not downloaded on external.

What is the purpose/benefit of this?

  • The additional context to indicate that the message was received from an external sender helps increase security by increasing user awareness.
  • In particular, this helps your users detect and avoid certain types of phishing attacks where the attacker is impersonating a known, internal person using an external address.

What do I do if I receive one?

Most messages you receive from external senders are legitimate and require no action. However, if you receive an external notification that you don’t expect (for instance, a message from a colleague is flagged as “external”):

  1. Confirm you are expecting to receive correspondence from the sender.
  2. Confirm that it’s a valid email address (for instance, they may be sending you correspondence from their external or personal email address.
  3. If there’s any doubt at all as to the validity of the message:
    • CALL them, using a known number (do NOT call a number contained in the email you’re trying to verify!)
    • Don’t take any further action on their request until you’ve confirmed the validity of the message.

Do we have an option to exclude this tagging from certain senders that are outside of my organization?

No, once this is enabled it will be tenant-wide. Also, this would not recommended as it would defeat the purpose of the alert as that senders domain could be spoofed.

Related Articles