Would you like to have images automatically download for simulated phishing and notification emails sent by CanIPhish?
In this support article we'll walk through the allowlisting process to add CanIPhish managed domains to the Outlook Safelist Collection, ensuring images are automatically downloaded. This has the added benefit of ensuring the email view metric in simulated phishing campaigns is accurate.
Note: The guidance in this article builds upon Microsoft guidance on configuring the safelist collection on an Microsoft 365 mailbox. Please refer to this article to learn more about mailbox safelist collections.
Table Of Contents:
- Prerequisites
- Step 1: Connect to Exchange Online PowerShell
- Step 2: Define the Domains to Add
- Step 3: Add Domains to All Mailboxes
- Step 4: Verify the Changes
- Additional Notes
- Example Script
Prerequisites
-
Exchange Online PowerShell Module: Ensure you have the Exchange Online PowerShell module installed. If not, install it using the following command:
-
Administrative Privileges: You must have the necessary permissions to modify mailbox configurations across your organization.
Step 1: Connect to Exchange Online PowerShell
Open PowerShell with administrative privileges and connect to Exchange Online:
Replace your_admin_account@yourdomain.com
with your admin username.
Step 2: Define the Domains to Add
Create an array containing the CanIPhish domains you wish to add to the Safe Senders list:
Note: If you've setup white-labelling, we recommend adding your white-labelled domain to the list.
Step 3: Add Domains to All Mailboxes
Run the following command to add the specified domains to the Safe Senders list for all users:
Explanation:
-
Get-Mailbox -ResultSize Unlimited
: Retrieves all mailboxes in your organization. -
ForEach-Object { ... }
: Iterates over each mailbox retrieved. -
Set-MailboxJunkEmailConfiguration
: Updates the junk email settings for the specified mailbox. -
-TrustedSendersAndDomains @{Add=$domains}
: Adds the specified domains to the existing Safe Senders list without overwriting it.
Step 4: Verify the Changes
To confirm that the domains have been added, you can check the Safe Senders list of a specific mailbox:
Replace user@domain.com
with the email address of a user in your organization.
Additional Notes
-
Processing Time: Depending on the number of mailboxes, this operation may take some time.
-
Error Handling: If you encounter any errors, ensure that you have the necessary permissions and that all domain names are correctly specified.
-
Maintenance: If you need to remove domains in the future, you can modify the
Set-MailboxJunkEmailConfiguration
command accordingly:
Example Script
Steps 1-3 consolidated into a single script:
Comments
0 comments
Please sign in to leave a comment.