Skip to main content

New Unverified Sender Feature in Exchange Online

Posted Date: 12 Nov 2019

Effective Date: 12 Nov 2019

Microsoft recently added a new feature to Exchange Online. The “Unverified Sender” feature is designed to help users identify potential spam or phishing emails that reach their Outlook client mailbox.

The new feature will, in some cases and depending on specific criteria, stamp emails in user mailboxes with one of two warnings, This message did not pass sender authentication or This message authenticates but sent by a different responsible sender. This notification occurs in both Outlook on the web and Outlook.com for users who have migrated to Office 365.

How the Feature Works

Both Outlook.com and Outlook on the web display indicators when the sender of a message either can't be identified or their identity is different from what you see in the "From" address. For example, when Outlook.com and Outlook on the web can't verify the identity of the sender using email authentication techniques, a "?" is displayed in the sender photo area. See an example on Microsoft's support page.

Additionally, when Outlook detects the sender's address is different than what appears in the "From" field, it displays the actual sender address using a "via" tag. See an example on Microsoft's support page.

Use Best Practices

While not every message that fails to authenticate is malicious, members of the Northwestern community are encouraged to use best practices when interacting with messages that don't authenticate or when you recognize a sender that normally doesn't have a "?" in the sender image.

It is important to know that Microsoft regularly rolls out new features and services to Northwestern's Office 365 without warning or with minimal lead time. Northwestern IT continues to monitor for these updates and communicate changes that impact the Northwestern user community.

Back to top