If you have enabled DualShield MFA on the EWS application node in your Exchange servers, and your users are using the Outlook message templates, then you need to add the following exemption.
In the IIS Manager, select the "EWS" application node:
Click "DualShield Authentication" to launch the "DualShield IIS Agent" control panel:
In the DualShield IIS Agent control panel, click "URL Filter" button
Click the "Add" button
In the "URL" box enter "/owa/.*/prem/.*/ext/def/.*"
Select "Use regular expression"
Click "OK" to save it
Click "OK" to finish it
Finally, click "Apply" to apply the changes.