Before an email from outside our company hits our Exchange servers, our Proofpoint email filtering system applies a subject line prefix of [EXTERNAL] to alert our recipients that this is an email from the outside so they can take extra caution before considering clicking on links inside of these emails that may be malicious. Unfortunately, if an Outlook user changes their mailbox view to "Show as Conversations”, the subject line prefix will not display. This is also true with the RE: & FW: prefixes, which I’m not concerned about.
After working with Microsoft Support on Case#26134986, I was told "It is by design that when you turn on "Show as Conversations", the [EXTERNAL] subject line prefix or any other prefix (which is coming from the server) gets removed from this preview. It is not really part of the subject but rather a server label. The subject line prefix of [EXTERNAL] can be seen once the user opens the email in the conversation thread."
Our job as email administrators is to minimize risk to our company assets. Since many of our Outlook users find the "Show as Conversations" view as a convenient way to review their email, I feel it is imperative for Microsoft to make a change to display applied subject line prefixes when in "Show as Conversations" to help prevent recipients from clicking on malicious links inside of their emails.
Anybody else feel this is a security hole that needs to be plugged? Thank you for your time and consideration.