Forum Discussion

EmMabel's avatar
EmMabel
Copper Contributor
Mar 04, 2024

How to set an organization wide setting to automatically download pictures from a trusted sender?

Hi all,

There seemed to be same Subject from 2021 but not a single answer to that discussion so here I'm having similar question but with a twist:

 

One of the environment I manage has 3rd party mail gateway filtering everything coming in and there for "All mail that get to O365 is legit" (minus the occasional spam that gets through regardless of the shifting)

 

This environment also use 3rd party newsletter sending services for bulk emails etc. Some of these emails are getting nicely to the internal recipient mailboxes BUT even though the sender address is internal domain sender and the mail has value -1 SCL, the pictures don't open automatically. ('Don't download pictures automatically in standard HTML email messages' option is selected and should stay that way because I want to handle this using the safesender list and not blindly allow all).

 

We opted to use GPO to set every users Outlook Desktop to update the internal domain address to the SafeSender list - but it behaves oddly to say the least. The domain keeps disappearing from that list if set plainly '@domain.com'. It's as if something is clearing it and then restarting outlook is then updating it back because of the GPO but this keeps happening day in and day out so "sometimes you have it and other times you don't".

 

I asked from Microsoft support from the Admin center about this and according to them the GPO is no longer viable option for this and every user would have to manually add the domain to the SafeSender list themselves... (I cannot ask 10k+ users to do this).

 

So my question is - has anyone else noticing this issue with the SafeSender list not keeping the set domain addresses (especially if it's your own internal domain) and is this widely known thing when using the GPO...?

 

I'm kinda hoping I was just given bad advice from the support and there is a way to make it work... Because, - I could run powershell script to add the addresses for all mailboxes junkemailconfiguration BUT that only works to all existing mailboxes now - the GPO was meant to take care of the future mailboxes as well without me having to run the script daily/weekly...

 

Any thoughts, tips?

 

Kindly,

Em

No RepliesBe the first to reply

Resources