I have seen that in a University, they started tagging all emails not from a @university.com source with a warning inserted on top of the body.
Worst idea ever. All emails sent from reputed government agencies and from the attached hospital to the University got this warning.
They however could have been trusted because all of those sources have correctly configured dmarc, spf, and dkim signed email with strong enforcement.
As a result of the internal body modification dkim verification fails and the email can not be trusted anymore.
Ironically, this very same university has no policy or very relaxed one for SPF and DMARC and do not DKIM sign.
Further more they do not allow smtp access for submission from out of the campus (but they do allow IMAP and POP) So you can send a from @university.com email from any smtp server in the world.
Guess what field they check? Yes the From: line. So you can send a fraudulent email there, and they won’t tag it but will tag the one you could have trusted.