Corporate Signatures and Disclaimers: Setup and deployment guide

Corporate Signature buttonWithin a company, you usually want to control the signatures that users are using when sending mail outside of the company. Most companies want to include at least a “disclaimer” text, others want to control the amount of contact details as well and still others want to control the entire look and feel of the signature.

Outlook offers no direct means to do this since the Signature feature in Outlook is a client side feature and thus users can create and modify their own signature. You can lock down the access to the Signature feature by using Group Policies but that still doesn’t take away the issue of creating/generating a standard signature in the first place and deploying it to the users.

This guide discusses the features that Exchange offers to create and manage signatures at server level. Also, additional methods are being discussed to manage it without an Exchange server. Finally, an overview of 3rd party solutions is provided for alternative solutions.

CodeTwo - Email Rules Family

Exchange 2013, 2016, 2019 and Microsoft 365 Exchange Online

Exchange buttonExchange 2013, 2016, 2019 and Microsoft 365 Exchange Online offer support for HTML based signatures and retrieving user information from Active Directory to dynamically create personalized signatures as well as static disclaimers.

  1. Logon to the Exchange Admin Center (ECP).
  2. From the Navigation Pane on the left, select: Mail Flow.
    When using Microsoft 365, you could use this direct link.
  3. In the Rules section, click on the + icon to create a new rule. If a menu opens up, select: Apply disclaimers… (if not, continue to the next step).
  4. Name your rule. For instance: Corporate External Signature and Disclaimer.
  5. Click on the “More options…” link to show all rule conditions and actions and to be able to add more conditions.
  6. Select the following “Apply this rule if…” conditions. Press the “add condition” button to add the second condition;
    • The sender…-> is external/internal-> Inside the organization
    • The recipient…-> is external/internal-> Outside the organization
  7. From the “Do the following…” list select:
    • Apply a disclaimer to the message…-> append a disclaimer
  8. Click on the “Enter text…” link to construct your Signature.
    • You can use HTML, inline CSS and links to images stored on a web server by using the img tag.
    • You can use practically any Active Directory user property as a variable by placing it between double percent character like; %%DisplayName%%.
    • The signature including all HTML tags can be up 5,000 characters long.
    • Any HTML tags are automatically stripped when the message format is Plain Text.
  9. Click on the “Select one…” link to select a fallback option when the disclaimer can’t be added;
    • Wrap
      Enclose the original message in a new message envelope and add the disclaimer into the new message.
    • Reject
      Don’t deliver the message and send an NDR to the sender.
    • Ignore
      Deliver the message but without the disclaimer.
  10. Optionally; Set any exceptions, auditing or other options for the rule.
  11. Press the “Save” button to create and activate the Transport Rule.

Creating an Disclaimer rule in the Exchange Admin Center.
Creating an Disclaimer rule in the Exchange Admin Center.

Supported variables

As mentioned before, you can use practically any Active Directory user property as a variable by placing it between double percent character like
Example: %%DisplayName%%

Below you’ll find some frequently used AD properties for signatures;

CustomAttribute1 – CustomAttribute15

Extra tip!
You can also automatically include a personalized “Chat with me in Teams” link within the signature or include links for other online meeting tools such as Skype, Zoom, Cisco Jabber or Slack. For more details to create such links see; Add Teams, Skype, Zoom and other chat, call or meet now links to your signature.

Exchange PowerShell

Exchange PowerShell buttonSignatures and Disclaimers can also be created via the New-TransportRule Exchange PowerShell cmdlet. They can later be managed via the Disable, Enable, Get, Set and Remove cmdlets.

The example above becomes the following PowerShell command;

New-TransportRule -Name 'Corporate External Signature and Disclaimer' -FromScope 'InOrganization' -SentToScope 'NotInOrganization' -ApplyHtmlDisclaimerText '<br>Yours faithfully,<br>%%DisplayName%%<br>%%Title%%<br><hr>The following <a href="">disclaimer</a> applies to this message.' -ApplyHtmlDisclaimerFallbackAction 'Wrap'

Outlook Signature deployment via script

VBS Script buttonIf you are not using Exchange or are looking for a client (Outlook) level solution to generate your signatures, you can do this via a script. There are various ways to do this of course but there are a couple of common things to keep in mind when going for a custom script;

  • The signature has to end up in the user’s Signatures folder.
  • A single signature contains a Plain Text, HTML and Rich Text version of your template with their corresponding file formats;
    *.txt, *.htm and *.rtf
  • You’ll need to query Active Directory via LDAP if you want to include user specific information.
  • Consider how you want to update the signature. For instance;
    Are you going to run the script each time at logon or only once and then users can run the script manually via a Start Menu shortcut?
  • Are you going to disable access to the Signature feature via Group Policies?
  • Note that you cannot set the deployed signature as the default via Group Policies; this requires an additional one-time Registry modification (see below script example for further details).

Below you’ll find a sample script to help you on your way, it is not intended for use as-is.

Click in the area above and press CTR+A to select all. Press CTRL+C to copy the code.
Open Notepad, paste the code in the editor and save the text document as a vbs-file.

Set generated signature as the default signature
Registry Editor buttonAs mentioned before, you’ll need to set and remove additional Registry values in order to have Outlook use the deployed signature as the default for newly created emails and replies and forwards.

  • Remove the First-Run value name from:
  • Add the NewSignature and ReplySignature value names to:

Their string values need to be set to the name of the signature.

After Outlook has been started, the First-Run key is being added back again and the NewSignature and ReplySignature values are automatically being removed. When multiple mail accounts are configured, they will all have their new and reply/forward signature set to the ones specified in the Registry file.

The example below makes the appropriate Registry modifications for Outlook 2016, Outlook 2019, and Office 365 and uses the signature name of “Standard Signature”.

Windows Registry Editor Version 5.00


"NewSignature"="Standard Signature"
"ReplySignature"="Standard Signature"

3rd party solutions

Add-Ins buttonIf all of the above solutions do not fit your needs, not to worry! There are plenty of 3rd party solutions available to manage corporate signatures at either Exchange or Outlook level. A short list can be found below;