Skip Ribbon Commands
Skip to main content
Mark E. Smith's Brain Dump > Posts > Country Specific Email Disclaimers
July 24
Country Specific Email Disclaimers

If you're an Exchange Administrator, chances are that your company has a requirement for a Legal Email disclaimer. If you're working for a global organization there might also be country and/or legal entity specific email disclaimers. For example, if you worked for the US based company "The Acme Company, Inc." but it also had a UK based entity "The Acme Company, LTD" there might be a requirement for two different Email Disclaimers. This article will show you how to create these two disclaimers based Active Directory Attributes.

First let's create our "Default Email Disclaimer". This is very straight forward so I'll skip the detail and just but let's quickly create one using the shell:

New-TransportRule -Name 'Disclaimer - Standard' -Comments '' -Priority '0' -Enabled $true -SentToScope 'NotInOrganization' -ApplyHtmlDisclaimerLocation 'Append' -ApplyHtmlDisclaimerText '--

This is my standard disclaimer message.' -ApplyHtmlDisclaimerFallbackAction 'Wrap'

Ok now we have a standard email disclaimer that will be appended to all users. Let's create one that will just fire for our users who are based in the UK but first let's examine the Active Directory attribute that we'll use to determine who a UK user is. In ADUC the Country/Region pull down is on the Address Tab. For my test user, I currently have this set for "United States":

Let's examine what attribute(s) this translates to in the directory by opening up ADSI Edit, navigating to the OU where my test user object is and then looking at the properties of the user object.

You'll notice that there are three attributes that contain Country or Region information "c" which contains the two letter ISO 3166 Alpha Country Code, co which has the country name, and countryCode which is the ISO 3166 Country Code.

Let's change the pull-down in ADUC to United Kingdom and examine the attributes.

Wow – Football all of the sudden has a new meaning and I just started putting "e's" on the end of words but I digress… Our three attributes are now updated as well.

So, how does this translate to a country specific disclaimer? Well we need to know which attribute the Exchange Transport rule will follow i.e. c, co, or countryCode. As you're probably aware Exchange uses OPATH filters which don't directly map to LDAP attributes. If we examine the OPATH to LDAP map table we'll see that the OPATH attribute "countryorregion" maps to the c attribute in AD. So, now that we know which attribute to set the value to in our transport rule, let's create it:

New-TransportRule -Name 'Disclaimer - UK' -Comments '' -Priority '0' -Enabled $true -SentToScope 'NotInOrganization' -SenderADAttributeContainsWords 'countryorregion:GB' -ApplyHtmlDisclaimerLocation 'Append' -ApplyHtmlDisclaimerText '--
This is my disclaimer for the UK LTD users. Cheers!' -ApplyHtmlDisclaimerFallbackAction 'Wrap'

 Notice we used the argument –SenderADAttributeContainsWords 'countryorregion:GB' where GB = the value of the 'c' LDAP attribute.

So, let's test:

Uh oh, both disclaimers fired! We need a way for only one disclaimer to fire. So, let's use an SMTP header to "tag" when we've added a disclaimer and then put an exception in if this value exists by using the "SetHeaderName" argument and using a X- header name of "Disclaimer" and value "TRUE". We'll then put an exception to this rule to look for this header and value. So, let's correct the two rules we created using:

Get-TransportRule Disc* | Set-TransportRule -ExceptIfHeaderMatchesMessageHeader 'X-Disclaimer' -ExceptIfHeaderMatchesPatterns 'TRUE' -SetHeaderName 'X-Disclaimer' -SetHeaderValue 'True'

 Now let's test again:


Great only one disclaimer. Now let's change my country code back to the US…. Ahh Football is played with a pigskin, that game with the fishnets at the end of the field is called Soccer, and I'm back to drinking coffee rather than tea!

Now let's test again:


Perfect! One disclaimer.

So, hopefully you have gained additional insight in the use of disclaimers, transport rules, OPATH and LDAP Attributes!



There are no comments for this post.