Tagging based on 3rd party API

Copper Contributor

I'm not sure how to describe what I'm looking for so let me spell it out the best I can and maybe someone can point me in the right direction.

 

Recently we've had some targeted spam/phishing attacks that are almost matching the domain of a legitimate customer.  For example:

email address removed for privacy reasons
email address removed for privacy reasons

 

Notice "electric" being spelled with a lower case "L" instead of a lower case "i".  We train staff to look at email addresses but that's pretty easy to miss.

 

Along the same strategy as the "External" tag, where the from field shows "External" when it's not our own domain, I'm wondering if there is a way for Exchange to check the "from" email addresses against a database of confirmed addresses in our CRM and tag them as "unrecognized" or something.  That way the staff person might have some idea to look a little closer or check the address against our CRM before replying.

 

Any thoughts?

Greatly appreciated.

Rois Cannon

 

6 Replies
Thanks for sharing this information
I'll copy this question to the Exchange forum. Perhaps that is a more appropriate place to ask this question. Still open to hear if any Outlook users have an idea.
We do use the external tagging feature and are very happy with it. However, that only identifies when it's not a domain that we host for our company. I'm looking for some way to visually indicate we are receiving an email that is not verified in our CRM/Database.

I did review the "-AllowList" parameter from Set-ExternalInOutlook, which might have worked except the docs show "The maximum number of entries is 50, and the total size of all entries can't exceed one kilobyte. " I have well over 100,000 email addresses in our CRM. Even if I focus on non-free email domains (excluding yahoo, gmail, hotmail, etc), I have over 4,000 unique entries.

That's why I was hoping for some kind of API option so I wouldn't have to maintain a duplicate list of active email addresses on the Exchange system.

I'm open to any suggestions that might accomplish what I'm trying to do.
Rois

Hi @RoisCannon,

If you are using Exchange online, then the combination of a transport rule and a Power Automate flow can do what you want. You can use this template as a base. 

Thanks. I'll have a look.