Keepnet Labs Documentation
Keepnet Labs Documentation
Home
Resources
Introduction
Technical Guide
Whitelisting
Whitelisting Options
IP addresses and domain information
Whitelisting for Exchange 2013, 2016, or Office 365
Whitelisting for Google Gsuite
Whitelisting the Pictures on Microsoft Outlook Apps
Minimum Requirements
On-Premise Requirements
Getting Started
Phishing Simulator
Awareness Educator
Incident Responder
Phishing Reporter
Email Threat Simulator (ETS)
Threat Intelligence
Report Manager
Company
Advanced Settings
Available for Option
API Guide
Diagnostic Tool
Customer Help Desk
Maintenance Tool
Product Update/Maintenance
FAQ (All Modules)
Release Notes
Platform Security
BETA MODULES
Threat Sharing
Incident Responder
Powered by GitBook

Whitelisting the Pictures on Microsoft Outlook Apps

Using this setting, you can ensure that the pictures Microsoft Outlook emails sent are uploaded directly, and thereby the mark (X) can be removed from users' inboxes during phishing and training campaigns.

Why does "X" appear on Microsoft Emails?

When you send an email to your users, Keepnet Labs places a user-invisible image with a height and width of 1px at the bottom of the email to see if the email is read by the target user (sometimes called a tracking pixel). This is a very common practice for modern digital marketing campaigns. However, many email services automatically block images, therefore resulting in the "red X". If the user downloads the image, a request is sent to the address where the picture was is originated from. Thus, our portal can report whether the email has been read or not, provided the user 'downloads' or 'opens' the picture.

Mailchimp, Sendgrid, and other big email marketing products also send emails using this method, use these tracking pixels to confirm that the email is opened/read by the recipient. No other method has yet been developed technologically to understand whether or not the user has read the email.

Microsoft prevents the images in the email from being displayed directly to the users on its email products and applications (Outlook Desktop, Office 365 Web Portal, etc.). Because in real life, cyber attackers can use this same method to find out whether or not the target users are active email users and get their user-agent and IP information.

On Google GSuite products though, images are displayed directly, but while they are displayed, Google executes these processes through a proxy server for images. In this way, the real IP and user-agent information of the user are not disclosed.

How to Prevent X from Appearing on Microsoft Emails?

By ensuring that the images in emails sent are uploaded directly, you can prevent X from appearing on Microsoft Emails.

To enable this process, go to the Safe Sender List on Microsoft Outlook, add the FROM that will be used during phishing and training campaigns. This setting also must be made available to all users via group policy.

This process is demonstrated in detail in the article "Create a deploy safe senders list using Group Policy".

Applying this policy before sending phishing or training campaigns resolves the whitelisting of images in the email.

Previous
Whitelisting for Google Gsuite
Next
Minimum Requirements
Last updated 2 weeks ago
Contents
Why does "X" appear on Microsoft Emails?
How to Prevent X from Appearing on Microsoft Emails?