Score:3

Display full FROM email address in Outlook

jp flag

I'm trying to do phishing mitigation in the Outlook desktop app, and I've seen a number of cases where the display name is so long that the email address gets truncated, e.g.

From: Microsoft email account activity notifications [email protected]

might get truncated in the view pane to

From: Microsoft email account activity notifications <[email protected]

which looks at least superficially legit.

Is there a way to ensure that the full email address is displayed? Yes, I know that users can mouse over the email address to see who the email is from, but I want to eliminate barriers to good email security.

Ideally, I would like to set this in a GPO.

anx avatar
fr flag
anx
How are the mails displayed by your outlook client received? You probably have the option to simply reject (start with audit-only!) mail that Outlook cannot properly render. Anecdotal evidence: This has similar benefit/collateral damage ratio as content scanning for me.
Score:1
us flag

I think you could try adding a custom form configuration file in the following guidance to your client so that there will be a column displaying the sender's email address in the message list:

Show sender’s e-mail address as a column in the Message List

My test result in the following screenshot is for your reference:

enter image description here

If the sender's email address is a bit long, you could change the Reading Pane to bottom:

enter image description here

enter image description here

Besides, if you want to block the emails from the phishing sender, you could create an inbox or transport rule:

enter image description here

Nikita Kipriyanov avatar
za flag
Excuse me, do you really expect users to know absolutely all phishing email addresses ahead of time to block them?
Ivan_Wang avatar
us flag
@NikitaKipriyanov I was just making suggestions for the current scenario and the specific email address mentioned above.
anx avatar
fr flag
anx
You do, however, know all variations of the simplest form of this particular type of phishing trick and can express it in regular expressions. Just do not widely apply anti-lookalike rules to *second*-level domains, because a few of those (like com.au) are perfectly legitimate.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.