Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Feature Requests
  3. "[EXTERNAL]" indicator for incoming emails outside of organization

"[EXTERNAL]" indicator for incoming emails outside of organization

Scheduled Pinned Locked Moved Feature Requests
emailfeature-request
5 Posts 3 Posters 1.1k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M Offline
    M Offline
    msbt
    App Dev
    wrote on last edited by girish
    #1

    A company I work for recently prepended/added an [EXTERNAL] text in the mail body if a message was sent from outside the organization (+ some whitelisted domains like trello.com and others that regularly send emails). This should prevent CEO fraud / spear phishing attacks, in case anyone wants to impersonate someone from the company.

    They're using Office 365 for that, not sure if this is something we need because Cloudron itself already has a variety of security measures, but could be a nice addition, especially if a company grows fast.

    Further reading:
    https://o365reports.com/2020/03/25/how-to-add-external-email-warning-message/
    https://evotec.xyz/creating-visual-indicators-for-spoofed-external-emails-with-powershell/

    1 Reply Last reply
    2
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #2

      My initial reaction was that we can add a sieve rule for this (by matching from address). But I think implementing this at mail server level is probably better since only the mail server knows if the mail truly came from outside.

      1 Reply Last reply
      3
      • M Offline
        M Offline
        msbt
        App Dev
        wrote on last edited by
        #3

        Aye, probably better to have a ui in box to enable/disable and whitelist domains. I don't have a corporate customer waiting for that, I just thought I left the suggestion here for the future, maybe it could be added when something else in that department is touched. 😉

        1 Reply Last reply
        1
        • D Offline
          D Offline
          DualOSWinWiz
          wrote on last edited by
          #4

          @girish is this function exist on cloudron?

          girishG 1 Reply Last reply
          0
          • D DualOSWinWiz

            @girish is this function exist on cloudron?

            girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #5

            @DualOSWinWiz it's not there, no.

            1 Reply Last reply
            0
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes


            • Login

            • Don't have an account? Register

            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search