Prowler HUB

Ensure email from external senders is identified.

exchange_external_email_tagging_enabled

Ensure that emails from external senders are identified using the native External tag experience in Outlook clients, which helps users recognize messages originating outside the organization.

Risk

If external email tagging is not enabled, users may be unable to quickly identify emails coming from outside the organization, increasing the risk of phishing or social engineering attacks.

Run this check with Prowler CLI

prowler m365 --checks exchange_external_email_tagging_enabled

Run in Prowler Cloud

Remediation

CLI

Set-ExternalInOutlook -Enabled $true

WUI

Enable the External tag for Outlook to help users visually identify emails from outside the organization.

References:

https://techcommunity.microsoft.com/t5/exchange-team-blog/native-external-sender-callouts-on-email-in-outlook/ba-p/2250098

Source Code

References

https://learn.microsoft.com/en-us/powershell/module/exchange/set-externalinoutlook?view=exchange-ps

Resource Type

Exchange External Mail Tagging

Check MetadataEdit

Check CodeEdit