diff --git a/ExchangeOnline/New-EXOExternalDisclaimerTransportRule.ps1 b/ExchangeOnline/New-EXOExternalDisclaimerTransportRule.ps1 index 2983557..a41d5cc 100644 --- a/ExchangeOnline/New-EXOExternalDisclaimerTransportRule.ps1 +++ b/ExchangeOnline/New-EXOExternalDisclaimerTransportRule.ps1 @@ -88,8 +88,7 @@ function Install-RequiredModules { try { Install-Module -Name $Module -Force -AllowClobber -Scope CurrentUser -ErrorAction Stop Write-Information "Successfully installed $Module" -InformationAction Continue - } - catch { + } catch { throw "Failed to install required module '$Module': $($_.Exception.Message). Please run 'Install-Module -Name $Module' manually or ensure you have appropriate permissions." } } @@ -103,14 +102,12 @@ function Test-ExchangeOnlineConnection { try { Get-OrganizationConfig -ErrorAction Stop | Out-Null Write-Verbose "Connected to Exchange Online" - } - catch { + } catch { Write-Information "Not connected to Exchange Online. Attempting to connect..." -InformationAction Continue try { Connect-ExchangeOnline -ShowProgress:$false -ErrorAction Stop Write-Information "Successfully connected to Exchange Online" -InformationAction Continue - } - catch { + } catch { throw "Failed to connect to Exchange Online: $($_.Exception.Message). Please ensure you have the necessary permissions and network connectivity." } } @@ -130,7 +127,7 @@ function Set-ExternalDisclaimerRule { $existing = Get-TransportRule -Identity $RuleName -ErrorAction SilentlyContinue $ruleParams = @{ - Comments = "External email disclaimer per ArchiTech Labs methodology (https://www.architechlabs.io). Prevents duplicates via header stamp. Blog: https://www.architechlabs.io/articles/external-email-banner/" + Comments = "Appends disclaimer on all inbound external mail. Adds $HeaderName header to mark processing and prevent dupes. Exceptions only via auth results (DKIM > SPF > Return-Path). Focused on accessibility, consistency, security, and usability." Priority = $Priority FromScope = 'NotInOrganization' SentToScope = 'InOrganization' @@ -142,6 +139,7 @@ function Set-ExternalDisclaimerRule { ExceptIfHeaderMatchesMessageHeader = $HeaderName ExceptIfHeaderMatchesPatterns = $HeaderValue Enabled = -not $Disabled + SenderAddressLocation = 'Envelope' } $action = if (-not $existing) { "Creating" } else { "Updating" } @@ -149,8 +147,7 @@ function Set-ExternalDisclaimerRule { if (-not $existing) { New-TransportRule -Name $RuleName @ruleParams -ErrorAction Stop - } - else { + } else { Set-TransportRule -Identity $RuleName @ruleParams -ErrorAction Stop } @@ -182,25 +179,30 @@ $BannerHtml = @'
+
+
- ⚠️ External Email – Check Before You Act

- This email is from outside our organization.
- • Do not reply, click links, or open attachments unless you trust the sender.
- • If it looks like it came from someone inside, confirm another way before acting.
- • Report suspicious messages using the REPORT button. + ⚠️External Email – Verify Before You Act⚠️

+ This email is from outside the organization.
+ • Do not reply, click links, or open attachments unless you trust the sender.
+ • If it appears to be from someone inside the organization, confirm via another method before taking action.
+ • Report suspicious messages using the Report button.
+ + +
@@ -220,12 +222,10 @@ try { if ($Disabled) { Write-Warning "The rule '$RuleName' is created but DISABLED. Enable it when ready to activate." Write-Information "To enable: Set-TransportRule -Identity '$RuleName' -Enabled `$true" -InformationAction Continue - } - else { + } else { Write-Information "The rule '$RuleName' is now active with NO authentication exceptions." -InformationAction Continue } -} -catch { +} catch { Write-Error "Failed to configure transport rule: $($_.Exception.Message)" Write-Warning "Common issues: Insufficient Exchange Online permissions, network connectivity, rule name conflicts, or transport rule size limits" throw