Outlook Automatic Image Downloading

Microsoft Outlook may automatically block content or images for inbound messages from Axios HQ. Read below to see how you can adjust your settings to allow for automatic download instead.

Image blockers and spam filters are essential for email clients to protect their users from seeing or downloading sensitive content, particularly when it's sent from someone you don't know.

When editions are sent from Axios HQ, they're coming from someone you trust -- you! Outlook may not recognize this, so certain settings need to be configured in order to teach your email client that what you're receiving is guaranteed safe.

Outlook has a number of ways to do this, and depending on your team's settings,  you may need to use more than one technique listed below. If none of them seem like a perfect fit, reach out to you account manager or help@axioshq.com in order to connect with our team.

Allowlisting

The first step  we recommend is to allowlist our IP addresses and safe-sender our domains. Everything you send form Axios HQ is actually coming from you, so you can automatically trust the content!

Reach out to your account manager or email us at help@axioshq.com for a list of Axios HQ specific IP addresses and domains.

Ways to Force Image Downloading

Microsoft's Group Policy Object (GPO) is a virtual collection of policy settings that defines how your Microsoft system will behave for a defined group of users. Your team can make changes to your GPO to enable or disable certain fields and alter the behavior of a Microsoft application (like Outlook) for all users.

  • There is a registry key in the GPO that will force image downloads! More on that below.

A PowerShell script can also be executed to make changes to all users’ machines. This is a one-time change that can be run and pushed to all existing users, but likely won’t affect any new employees moving forward unless it is run again.

  • If you have a cadence for running PowerShell scripts, including a piece to force image downloads for Axios HQ communications might be a simple addition!

The Trust Center offers another option, but it is more limiting: utilizing the Trust Center will allow you to make changes to Outlook’s behavior in the browser, but likely will not affect anyone using the Outlook application.

 

Changes to the GPO

With Microsoft’s Group Policy Object, you can specify which domains should be on your company’s Safe Senders List. Adding Axios HQ to your users’ Safe Senders List will mark us as trusted and will allow images to automatically display.

  • Here is a support article on Microsoft’s website that lists the keys you will need to manipulate within your system’s registry.
  • Please note that the key they use as an example has a placeholder that you should replace with your version of Outlook. 

If you are able to allowlist based on IPs, you can find those IPs by reaching out to your account manager or contacting us at help@axioshq.com. If you can only allowlist based on domain, let our account management team know; if you have a Custom Domain integration configured with Axios HQ, you may need to implement some additional settings (more on that below.)

 

Running a PowerShell Script

A PowerShell script allows a change to be pushed to all current Outlook applications. This process can take a few hours, and is often run overnight.

  • It is a one-time change. Instead of altering your GPO’s registry, you can regularly run a PowerShell script that will affect changes on all users’ machines.

If your team is running a PowerShell script to configure that SafeSenders List, we recommend including Axios HQ IP addresses and domains.

If there is no current cadence for updating the Safe-Senders List, reach out to your account manager or help@axioshq.com for a PowerShell script example.

 

Custom Domain Integration

If you have a Custom Domain integration with Axios HQ, you may need to alter an additional setting.

  • Connecting a Custom Domain integration allows you to send from your domain, rather than noreply@axioshq.com.
  • The process for this integration includes setting up a subdomain, frequently configured as axioshq.your-domain.com.

If you are able to allowlist and unblock images based on IP addresses, as suggested above, you should be good to go.

If not, you may need to allowlist based on domain:

  • Microsoft's Safe-Senders List will have you safe-sender axioshq.com and the subdomain you configured, axioshq.your-domain.com.
  • Your Custom Domain enables you to send from any address that ends in @your-domain.com. But Microsoft does not allow you to set safe-sender rules on internal domains, so with this integration, any messages sent from @your-domain.com (that come from HQ) effectively bypass the settings we’ve just enabled.

You will need to set separate send-from and reply-to addresses. This is a setting that can be turned on by your account manager at Axios HQ.

  • The send-from address should include the subdomain: example@axioshq.your-domain.com. This is what your recipients will see in their inbox.
  • The reply-to address would remain example@yourdomain.com. This is the address that will receive all replies.

With this configuration, all series sending from Axios HQ should be sent from an address that includes the subdomain, as all messages sent from @axioshq.your-domain.com will be caught by the appropriate rule.