As you may already know, Exchange Online Protection has been able to provide a ‘First Contact Safety Tip’ to display a notification to end-user when they receive an email from somebody for the first time to make them pay more attention in case of potential phishing.
Well, until then, this ‘First Contact Safety Tip’ had to be configured by an Exchange administrator using a Mail Flow Rule, using the Modify messages option by setting the X-MS-Exchange-EnableFirstContactSafetyTip header value to Enable, like below
Good new, this ‘First Contact Safety Tip’ can now be configured directly and easily using the anti-phishing policy from the Office 365 Security Portal (https://protection.office.com/); also available with the default anti-phishing rule by editing the Action options
If you already had set the mail flow rule, you will have to disable it.