It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

How to Use the Microsoft Exchange Button

  • Last updated on

The Microsoft Exchange Button is a server-side plugin for both Microsoft Exchange and Microsoft 365.

The Microsoft Exchange button is a new button that you can add to the ribbon of your mailbox. You can customize it, so it might have a different icon or words, but it usually looks similar to the buttons shown here:

  • Desktop Client



  • Web Browser


  • Desktop or Web Client, with certain configurations

Click the top button to reveal the bottom button. Click the bottom button to report the suspect email.



Purpose of Microsoft Exchange Button

Users can click the Exchange Button to report emails that they think are suspicious. These emails might be mock phishing tests or they might actually be real phishing attacks. It is best to report any email you think is suspicious.

Using the Microsoft Exchange Button

To use the Exchange Button:

View or preview an email in one of the following ways:

  • With the Reading Pane open, select a single message.
  • Double-click a message to open it. 
  • You can only report one message at a time. 
  • If you are not previewing the message in the Reading Pane, or viewing the message body in a separate window, the button will dimmed and you will be unable to use it.


Once the user clicks the button to report an email:


Refer to Customization Options - Microsoft Exchange Button for information on the configuration settings mentioned in this section.

  1. The logic in the button determines in which category the reported email belongs:
    • Mock phish: A mock phishing email sent by Security Awareness Training
    • Internal: An email from an internal domain, based on your button configuration;
    • Something else: An email that is neither a mock phish, nor from an internal domain. These are the most likely to be actual phishing messages.
  2. The reported email is forwarded, sent from the reporting user’s email account, to the administrative email address you configured. 
  3. Based on the configuration, the user might see a message thanking them for the report. This message is inline, within the body of the email, so the user might not see the message, especially if the message is automatically deleted. This is what the messages look like
    • while the email is being reported
    • after the report has completed
  4. Depending on the configuration, the message may or may not be deleted. Administrators can choose not to delete reported emails if they come from an internal email address.