Description

This document shows you how to install the SoSafe Phishing Alert Button as an add-in for Outlook when using Microsoft Exchange 2016.


With the Phishing Alert Button, all your employees can report e-mails directly in their Outlook mail program as a phishing attempt. If the e-mail is one of our simulated phishing e-mails, the user will receive a message that this phishing attempt has been detected correctly. If the e-mail is not from us, it is automatically forwarded to the IT department, which can then inspect it. You are free to choose the forwarding address. Please contact us at any time if you have any questions.


Requirements

One of the following servers is required:


Exchange 2016 - Version 15.1.225.42 (RTM) or later

Exchange 2019

You should also have received a manifest file in XML format (sosafe-manifest.xml) from us, which you will need for the installation.


The button can be used in the following programs after the installation is complete:


Outlook 2013 for Windows 

Outlook 2016 for Windows 

Outlook 2016 for Mac

Outlook 2019 for Windows

Outlook 2019 for Mac


Hint:

Microsoft does not allow the use of add-ins in shared mailboxes. Therefore, you can only use the button in personal mailboxes.


Installation

Step 1

Log in to your Exchange Admin Center and go to the "Organization" menu. Then go to the "Add-Ins" tab. Use the + symbol to select the "Add from file" activity.




Step 2


Select the manifest file (sosafe-manifest.xml) you received from us and click "Next".



Step 3


The add-in should now appear in the list of loaded add-ins. 


Step 4 

Click the pencil icon to edit the add-in settings. Select the "Make this add-in available to users in your organization" checkbox. Select one of the three available options:


  • Optional, enabled by default: Use this setting if you want to allow users to disable the add-in.
  • Optional, disabled by default: Use this setting if you want to allow users to enable the add-in.
  • Required, always enabled. Users cannot disable this add-in: Select this setting if you do not want your users to disable the add-in. (SoSafe recommendation)


With the Exchange Management Shell, you can limit add-in availability to specific distribution groups. To do this, the appropriate distribution group must be configured in the Exchange Admin Center in the "Recipients" menu on the "Groups" tab.


Then run the following commands in the Exchange Management Shell:


Get-App -OrganizationApp | Format-List DisplayName,AppId  


The list of Add-Ins appears as output. Find the add-in "SoSafe Phishing Reporting" and copy the AppId.


Then run the following command. Replace the placeholder for the distribution group accordingly:


$a = Get-DistributionGroupMember <Distributiongroup> 


Finally, run the following command - and replace the placeholder for the AppId accordingly


Set-App -Identity <AppId> -OrganizationApp -ProvidedTo SpecificUsers -UserList $a.Identity -DefaultStateForUser Enabled 


For control purposes, you can have the add-ins listed with their configured properties:


Get-App -OrganizationApp | Format-List DisplayName,AppId,Enabled,DefaultStateForUser,ProvidedTo,UserList 


You should receive an output as follows:

DisplayName         : SoSafe Phishing-Reporting

AppId               : e10f7be1-f108-4275-9387-ee5d8fa30c81

Enabled             : True

DefaultStateForUser : Enabled

ProvidedTo          : SpecificUsers

UserList            : {SoSafeSRV.local/Users/Administrator, SoSafeTest.local/Users/…}


Note: The add-in will be made available to you in Outlook within the next 12-24 hours after completing the steps described above. 


Uninstallation


If you no longer wish to use the SoSafe Phishing Alert Button, you can uninstall it in three easy steps.


Step 1


In the Exchange Admin Center, go to the "Organization" menu and the "Add-Ins" tab. Select the "SoSafe Phishing Reporting" add-in there. Thenclick on the erase icon.

Step 2


A pop-up window will open and ask for your confirmation, click "Yes".






Copyright, 2019, SoSafe GmbH


If you have any problems or other questions, please contact us at any time at: support@sosafe.de