Would you like Outlook to automatically download images for simulated phishing and notification emails sent by CyberLearn?
This article shows how to add CyberLearn-managed domains to each mailbox’s Safe Senders list (Safelist Collection) via Exchange Online PowerShell. This improves the accuracy of the email view metric in campaigns. It’s optional—campaigns work fine without it.
This guidance builds on Microsoft’s mailbox safelist collection configuration. Apply at your own discretion.
Table of contents
- Prerequisites
- Step 1: Connect to Exchange Online PowerShell
- Step 2: Define CyberLearn domains (and optional sender addresses)
- Step 3: Add entries to all user mailboxes
- Step 4: Verify changes
- Additional notes (scoping, removal, performance)
Prerequisites
- Exchange Online PowerShell module installed:
Install-Module -Name ExchangeOnlineManagement - Administrative permissions to update mailbox junk email configuration across your tenant.
Step 1: Connect to Exchange Online PowerShell
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName your_admin_account@yourdomain.com
Replace
your_admin_account@yourdomain.comwith your admin UPN.
Step 2: Define CyberLearn domains (and optional sender)
Add the CyberLearn landing/notification domains you want Outlook to trust for images.
You can also add a specific sender address if you like.
# Domains (no wildcards here; Safe Senders expects bare domains)
$domains = @(
"cyber-detector.com",
"security.cyber-detector.com",
"app-cyberlearn.com",
"api.app-cyberlearn.com",
"veriffy-center.com",
"user-messagee.com",
"access-portall.com",
"delivery-statuss.com",
"document-serviice.com"
)
# Optional: explicit sender addresses to trust
$senders = @(
"bnc@cyber-detector.com"
)
White-labeling: If you use custom (white-label) domains, replace or extend the list above with your own domains.
Step 3: Add entries to all user mailboxes
The script below fetches all user mailboxes once, then appends (does not overwrite) trusted domains and senders.
# Fetch all user mailboxes
$mailboxes = Get-Mailbox -RecipientTypeDetails UserMailbox -ResultSize Unlimited
# Add domains to TrustedSendersAndDomains (batched per mailbox)
foreach ($mbx in $mailboxes) {
if ($domains.Count -gt 0) {
Set-MailboxJunkEmailConfiguration -Identity $mbx.Identity `
-TrustedSendersAndDomains @{ Add = $domains }
}
if ($senders.Count -gt 0) {
Set-MailboxJunkEmailConfiguration -Identity $mbx.Identity `
-TrustedSendersAndDomains @{ Add = $senders }
}
Write-Host "Updated safelist for $($mbx.PrimarySmtpAddress)"
Start-Sleep -Milliseconds 300 # light throttling
}
What this does
Get-Mailbox …: retrieves all user mailboxes.Set-MailboxJunkEmailConfiguration: appends domains/senders to each mailbox’s Safe Senders list via@{ Add = … }(so existing entries are preserved).
Pilot first? Swap the
$mailboxesline for a scoped query (e.g., by group) to test on a subset before full rollout.
Step 4: Verify changes
Check a specific mailbox to confirm entries were added:
Get-MailboxJunkEmailConfiguration -Identity user@yourdomain.com `
| Select-Object -ExpandProperty TrustedSendersAndDomains
Additional notes
- Processing time: Large tenants may take a while to update.
- Image auto-download behavior: Outlook uses the Safe Senders list to decide whether to auto-load remote images. Exact behavior can vary by client/version and other org policies.
- Maintenance / removal: To remove entries later, run:
# Remove the same domains/senders you previously added foreach ($mbx in $mailboxes) { if ($domains.Count -gt 0) { Set-MailboxJunkEmailConfiguration -Identity $mbx.Identity ` -TrustedSendersAndDomains @{ Remove = $domains } } if ($senders.Count -gt 0) { Set-MailboxJunkEmailConfiguration -Identity $mbx.Identity ` -TrustedSendersAndDomains @{ Remove = $senders } } } - Best practice: Keep your list minimal (only CyberLearn/your white-label domains and the specific sender you use). Avoid unrelated domains.
