Global email disclaimers with Office 365

Modified on Mon, 12 Nov 2018 at 10:35 AM

Overview: this article contains technical information required to implement customized Office 365 global email disclaimers

There's a helpful summary table at the end of this article - feel free to skip down and use it right away!

Email signatures (aka. "disclaimers") are common place in business email, and a client-based signature is recommended for professionals who want fine control over the look and feel. However, automated signatures can be generated by Office 365 (Exchange Online) and appended to all email. A measure of control can be applied to filtering which emails sent out have the disclaimer appended. Rule can be defined that include or exclude, based on a number of possible variables such as:

Sender is member of a group (Office 365 | SharePoint | Email distribution)
Sender is individual X, Y or Z
Subject/body contain specific text
Recipient domain is X
Recipient is X, Y or Z
Message has attachment (or attachment of type X)
Date range

Before proceeding, there are some limitations to be aware of:

Cannot insert the signature directly under the latest email reply or forward
- It get's appended to the absolute end (take a look at a typical "email reply chain" to consider this limitation)
Does not display server-side email signatures in users’ Sent Items folders
- The sender does not "see" the signature (unless they send to themselves or view the recipient's reply)
Cannot embed images in email signatures (all images must reside on public facing HTTP (SSL) servers
Template must be shorter than 8192 characters (plain text limited to 5000 characters)

(More info here: Microsoft Organization-wide Signatures and Disclaimers)

Create a test disclaimer

Log onto Office 365 with admin privileges and create a new Office 365 group called EmailDisclaimerGroup

Go to Exchange Admin Centre > mail flow > rules

Add a new rule called "DisclaimerTest":

For the properties of the rule use the following:

"The sender is a member of..." = EmailDisclaimerGroup@your-domain.com

Now add another condition "The subject or body includes..." = "DisclaimerTest"

Click "Append the disclaimer.." and paste or type a test disclaimer, for example "[Footer placeholder for company disclaimer]"

Fallback action: Wrap

Click Save

PowerShell commands

Sadly, the GUI web interface for Exchange Online is not yet aware of any groups other than Email Distribution Groups. In order to associate this new rule with the Office 365 Group that we created (or a an existing Office 365/SharePoint group) we'll need to use the command line.

The full details of how to connect to Exchange Online using PowerShell are published on Microsoft Docs, but here's the step-by-step process:

Run Windows PowerShell as administrator (Start > type "powershell")
Type the following commands (enter "Y" when asked if you want to change the execution policy)
- ```
Set-ExecutionPolicy RemoteSigned

$UserCredential = Get-Credential
```
  At the prompt, enter an Office 365 account with admin privileges for this domain, then enter the next command...
- ```
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

Import-PSSession $Session -DisableNameChecking
```
  Now we can run the command to view and edit or email disclaimer rules...
- ```
Get-TransportRule

Get-TransportRule -Filter {Description -like "DisclaimerTest*"} | Format-List
```
  Setting/editing a rule is described in detail at Microsoft Docs, but we're just going to update the "DisclaimerTest" rule with the Office 365 Group "EmailDisclaimerGroup" that the rule will be applied to:
```
Set-TransportRule "DisclaimerTest" -FromMemberOf "EmailDisclaimerGroup"
```
  Now we can close our PowerShell session gracefully, so that we don't get locked out of future PowerShell sessions with ExchangeOnline
```
Remove-PSSession $Session

exit
```

Dynamic fields

Office 365's Exchange Online servers will process certain dynamic fields, replacing the tokens with the sender's real details such as name and phone number. Here's a list of some useful tokens: (all tokens are encapsulates by double percentage signs %%token%%)

Token	Notes
FirstName	Example use: %%FirstName%%
LastName
DisplayName
Title	Office365: "Job title"
Email
PhoneNumber	Office365: "Office phone"
MobileNumber	Office365: "Mobile phone"
UserLogonName
Various other user attributes:	City, Company, Country, CustomAttribute1 - CustomAttribute15, Department, FaxNumber, HomePhoneNumber, Initials, Manager, Notes, Office, OtherFaxNumber, OtherHomePhoneNumber, OtherPhoneNumber, PagerNumber, POBox, State, Street, ZipCode

The secure SSL site to serve any images and links

We recommend working with a hosting provider with experience in HTML email compliance who will be able to provide:

Public facing HTTPS site to serve images and links
SSL certificate accepted by most current and legacy email clients
Inclusion of transparent analytics links
Fast DNS cache, short URLs, fast response cache, GZIP compression

The disclaimer template

As to the HTML code for the actual disclaimer, we recommend working with an experienced coder so that the template can be universally viewed on the plethora of current and legacy devices in use today: dedicated email clients (Microsoft Outlook, Mozilla Thunderbird), built-in email apps (Android, iPhone, iPad), and browser-based email (Gmail, Yahoo, Live). Not only are there numerous email clients and devices, but each version (often every year) will display email slightly differently. Compounding the issue is the device OS (Windows, Mac, Linux, Android, iOS), the browser version and config, and even the SMTP servers through which the email passes. Finally, security rules on the device and set by the user will also affect how the email is displayed. Some of the complications that an experienced HTML coder will accommodate are:

Backwards-compatible HTML

<TABLE> layout | 600px or 300px max width | Background colour specified | No more than 7 rows | BORDER=0
HTML less than 8192 characters | Minify the final HTML
Deliberate white-space encoded ( )
Inline CSS style rather than stylesheet
No DIVs, and no text-decoration (override)
HREFs using HTTPS not HTTP
Explicitly declare all colours for text and background
Use relative font size rather than pixels (em | small)
Use stock fonts

Backwards-compatible images

External source | HTTPS not HTTP
Specifyexact image size (px)
Force no-send and no border (nosend="1" border="0")
Ensure ALT tag on all images
Only use GIF or JPG, not PNG or SVG
Do not use GIF icon sprites
Use images for icons rather than fonts (over which you will have very limited choice)

Contents

Reduce on-screen text by using hyperlinks to legal content
- "....save the planet..." insults the reader, implying they need to be told to think twice about printing
- "...does not reflect the views of the organization..." also implies the reader needs basic training - this can be included on a web link
Include a photo to personalize the email
Use HREF protocols that automatically act ( tel: / sip: / im: / mailto: / callto: )
Place "call-to-action" links/banners at bottom to avoid drawing focus from relevant info
Hide analytics in transparent pixel

Cater for plain text...(and iPhone users who haven't downloaded the Outlook app)

You can allow for "plain text" emails, to a degree. Generally you will want to send HTML formatted email, but the recipient's mail server or mail client may convert that to plain text; there's little you can do to change how your HTML will get re-formatted on this initial email. However, if they send a message and you reply, usually your email client will switch down to match - your reply message will get sent as plain text. Additionally, you may use a client that defaults to plain text (some mobile devices). In order to accommodate such scenarios, add another mail disclaimer just for "plain text" emails:

Create/duplicate a rule (Exchange Admin Centre > mail flow > rules - for example "GlobalDisclaimerPlainText")
Simply add another condition:
- check if header value "Content-Type" contains"text/plain" (As opposed to MS Outlook's "application/ms-tnef" or the general "multipart/alternative" used to indicate HTML formatting)
Replace the HTML version of the disclaimer/signature with a plain text version
- There is no universal format for line breaks in "plain text" email, so prepare a simple 1 line (or paragraph) response
All of the fields above can be used exactly as with HTML, encapsulated via double %% (Example: %%Email%% )
- Example for a very simple plain text signature: %%FirstName%% %%LastName%% | %%PhoneNumber%%

...and now for the many iPhone users that will not follow you recommendation to use the amazing Outlook app (provided free by Microsoft in the Apple store: https://itunes.apple.com/us/app/microsoft-outlook/id951937596), and will just use Apple's built-in "Mail" app. This app has been accused of being draconian because there is no way to use HTML format, and the app hideously "converts" (mutilates!) your nice HTML into Apple's version of plain text. Now, banking of the reason for the iPhone user is not using Outlook app is that they didn't know about it and just used the Apple Mail app, they probably will also have left he "Mail" app's default signature as "Sent from my iPhone" - and we'll now use that signature to cater for this type of user:

Create a new rule with the condition:
- "Body or subject contains" = "Sent from my iPhone$"
- (Please note the $ symbol, which specifies that this is the end of a line; RegEx syntax)
Append the same signature/disclaimer that you use for standard plain text

Finally, you'll want to add exceptions to all rules to that that multiple actions are not applied to the same email message.

Summary table

Implementing the above article, here's a summary of the 3 rules that you'll want to add for each different disclaimer/signature in your organization:

Rule	Condition(s)	Action(s)	Exceptions(s)
GlobalDisclaimerHTML	{Member of group} or none	Append the disclaimer: HTML text	The subject or body matches: Sent from my iPhone$ A message header includes...any of these words: text Content-Type words text/plain
GlobalDisclaimerPlainText	{Member of group} or none A message header includes...any of these words: text Content-Type words text/plain	Append the disclaimer: plain text	The subject or body matches: Sent from my iPhone$
GlobalDisclaimeriPhone	{Member of group} or none The subject or body matches: Sent from my iPhone$	Append the disclaimer: plain text

Testing

To test your global email disclaimer, just add yourself to the test group "EmailDisclaimerGroup", and send an email to yourself with the subject "DisclaimerTest" - that should be sufficient to trigger the rule and Exchange Online will append the disclaimer, replacing any tokens with data extracted from your Office 365 profile. Changes: Exchange Online can suffer huge lags, taking over an hour in some cases to reflect any changes you make - testing any changes will therefore require patience.

Feel free to contact us for assistance on implementing your Office 365 global disclaimer. We hope that this guide has been useful!