Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service.
Once the feature is available, Exchange Online admins can increase their organizations’ spam and phishing protection by having all emails from external senders tagged automatically.
“This will be achieved by presenting a new tag on emails called ‘External’ in the message list,” Microsoft explains in the Microsoft 365 roadmap.
“In some Outlook clients, a ‘mail tip’ will be included at the top of the reading pane with sender’s email address.”
The new external email tags will only show up in Outlook on the web, the new Outlook for Mac, and Outlook mobile (iOS and Android).
How to enable external email tagging
After its rollout to all Office 365 environments to standard multi-tenants worldwide later this month, the Exchange Online external tag feature will be off by default.
Admins who want to enable it in their tenants will have to use the Get-ExternalInOutlook and Set-ExternalInOutlook PowerShell cmdlets to view and modify external sender identification configuration in supported Outlook versions.
“If you enable the cmdlet, within 24-48 hours, your users will start seeing a warning tag in email messages received from external sources (outside of your organization),” Microsoft says.
“In Outlook mobile, by tapping on the External tag at the top of the message, the user will see the email address of the sender.”
Microsoft is also working on adding SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to thwart downgrade and man-in-the-middle (MITM) attacks.
Last year, Exchange Online added support for plus addressing (also known as subaddressing or detailed addressing), allowing Office 365 customers to use unlimited disposable recipient email addresses to filter and track email sources.