Farewell Email Warning | Annoying Warning “The Email Below Might Contain Script or Content that is Potentially Harmful and Has Been Blocked.”

Farewell Email Warning | Annoying Warning

Not one week go by where I do not get a question from a Dynamics 365 Customer engagement user or admin on how to get rid of the warning on Emails in Dynamics that contains HTML components, such as <script> or <style>. Good news is that it now can be gone with a simple setting. (step by step guide included in this post)

V9 UCI Email Warning Timeline annoyance

The Annoying warning started way back when in Dynamics CRM 4, where it was just a small yellow line that most users just ignored.

Farewell Email Warning | Annoying Warning 

But since Dynamics CRM 2011 the Warning just got more visible in”What’s new” list and lately, in newest Dynamics V9, it got an even more prominent appearance for some strange reason.

Until now only way to get rid of it was to include unsupported script code that usually was not upgrade friendly… but this all changed some point in time this year as Microsoft snug a Feature flag into OrgDbOrgSettings for Admin to toggle this warning on and off.

Before and after setting feature flag “SecuritySettingforEmail” in OrgDbOrgSettings

This slideshow requires JavaScript.

Email Warning Be Gone in 3 easy steps

To edit the organization database settings aka OrgDbOrgSettings you have at least 2 choices, one is to run a command line script that could be included in your deployment the other is to use this point and click solution from within Dynamics/PowerApps Admin interface create by Sean McNellis.

To Prove it worked, I used Sean McNellis’s tool with below steps:

  1. Download and install the solution
  2. Open the solution and locate the “SecuritySettingforEmail” entry
    • Open the Solution and activate the tracking through pressing of the “Add” button.
  3. Change the “SecuritySettingforEmail” value from 1 to 3

See here how i did it:

For the Change Management people

Please notice that this fix also gets rid of the “View full Email” link so please direct users to use the More Commands (…) >> Open Entity Record option instead.

What else is “hidden” in OrgDbOrgSettings



the full list of setting: https://support.microsoft.com/da-dk/help/2691237/orgdborgsettings-tool-for-microsoft-dynamics-crm

13 thoughts on “Farewell Email Warning | Annoying Warning “The Email Below Might Contain Script or Content that is Potentially Harmful and Has Been Blocked.”

  1. Hi when I change the value of “SecuritySettingforEmail” it seems to do this for an unknown crm instance. How can I do this for my live and sandbox instance instead?

    1. The setting is global and affects all your instances and cannot be selectively added to only one of your instances.. Sorry

      1. We get this message for Appointments as well. The setting is working for emails now pretty fine but appointments still show the harmful content message. Do you know a solution for that as well?

      2. Sorry no… but I will try to find the source in Microsoft on the Email fix and apply light pressure to fix this as well for appointments

  2. Hi Jens,

    This is a great tip. It really improves the overall user experience not having to see this annoying warning every time you see an email on a timeline.


  3. I was able to activate it but the warning in the activity pane did not get removed, only on the email forms. Any advice?

    1. It is a simple setting that er Cannon do much abort on our own…. My suggestion would be to contact Microsoft Support

  4. Hi Jensk,

    Thank you for the post, it helped me to solve the issue with email, however the message appears for appointment, can you let me know if there is any way to remove the messages from appointments too.

    1. Correct…it does not seem to work for the warning on appointments, and unfortunately, I do not have any suggestion other than to contact Microsoft and suggest it to be included

    1. I believe it strips the HTML and scrips.. but I would count on that the email server receiving would handle malicious emails and therefore render this warning obsolete and just annoying

  5. Hello, i feel that i noticed you visited my web site so i got here to go back
    the favor?.I’m trying to find things to improve my web site!I assume its good enough to make use of a few of your concepts!!

Leave a Reply