Installation
Last updated
Last updated
Office 2007/2010/2013/2016 (32-bit & 64-bit)
.Net 3.5 or later version
Installation rights user
You can install the .msi package created in the Customisation section by double-clicking your mouse on the computer that meets the installation requirements.
After installation, it appears in the program manager as follows, and you can find the installed version information here.
Outlook add-in support 32 and 64-bit system which has unattended installation.
The following methods can be used to set up with Group Policy over Active Directory. Depending on the version of the domain controller, the steps may differ. In this article, a description has been made of a DC with Windows 2012 R2 operating system.
Firstly, the executable file (.msi extension) must be shared. Below is the shared folder that contains this file.
The installation of the folder attachment containing the relevant file is shared with the desired group. In this example, the folder is shared with Everyone. It is recommended that this file is shared only with the ‘Read’ authority so that it will not cause any security weaknesses (such as escalation).
Open the Server Manager, click on Tools on the right side of the screen, then open the Group Policy Management Console.
Then create a Group Policy Object (GPO) on the domain. Below is the Group Policy Object created with the name Keepnet Outlook Add-in.
Then the group policy is edited, and the corresponding executable file is added as a new package. Below is the display of this file being added to the policy.
Then the new policy is applied to the systems with the ‘gpupdate’ command. If this policy is applied, computers may need to be restarted. In this case, restarted computers will have Outlook add-in installed.
The following plug-in has been installed in the Outlook application. With the help of this add-in, employees can report a suspicious email and send it for analysis.
For silent installation and removal, the following commands are available.
Silent installation process
C:\Windows\System32\msiExec.exe -i “OutlookInstaller.msi” /QN /norestart
This section will guide you in how to customize and install the Outlook Suspicious Email Reporter Add-In for users' O365 email boxes. When this add-in has been published, users will see Add-in on their devices (Outlook App, OWA, mobile, tablet, laptop)and use it to report suspicious emails.
Log in to the dashboard and select the Incident Responder > Phishing Reporter page. Customize each field as required, and once completed, click Save Changes.
Then click Download and download the OWA / Exchange XML add-in file or copy the link.
This download/link will be required later in the installation.
If you want to customize your add-in, please change the following fields in bold when editing the XML file before proceeding to the next steps:
<ProviderName>Your Company Name</ProviderName>
<DisplayName DefaultValue="Suspicious E-Mail Reporter"/>
<Description DefaultValue="It is a phishing reporter button that allows the user to turn it into action when they receive a suspicious mail.This provides SOC teams the ability to detect and block attacks early."/>
DefaultValue="https://yourcompanydomain.com/images/icon64.png"/>
<SupportUrl DefaultValue="https://www.yourcompanydomainhere.com"/>
DefaultValue="https://yourcompanydomain.com/images/icon16.png"/>
DefaultValue="https://yourcompanydomain.com/images/icon32.png"/>
DefaultValue="https://yourcompanydomain.com/images/icon80.png"/>
<bt:String id="groupLabel" DefaultValue="Your Company Name"/>
<bt:String id="customTabLabel" DefaultValue="Your Company Name"/>
<bt:String id="paneReadButtonLabel" DefaultValue="Report as suspicious"/>
<bt:String id="paneReadSuperTipTitle" DefaultValue="Report as suspicious"/>
<bt:String id="paneReadSuperTipDescription" DefaultValue="This add-in helps to report suspicious email."/>
Log in to your Microsoft 365 Admin Center.
https://admin.microsoft.com/AdminPortal/Home#/homepage
Go to Add-ins.
https://admin.microsoft.com/AdminPortal/Home#/Settings/AddIns
Click +Deploy Add-in and click Next. Under Deploy a custom add-in, click Upload custom apps.
Select the option to Deploy a new add-in. Select one of the following:
‘I have the manifest .xml file’ (the XML file downloaded earlier from Phishing Reporter).
‘I have a URL for the manifest file’ (if the copy link option was chosen)
Then click Upload.
Now proceed to Configure Add-in.
Select the Add-in from the Add-in list.
Assign the users who will have access to the add-in. Choose one of the following:
Everyone: The add-in will be installed on every user under the O365.
Specific Users / Groups: The add-in will be installed to the chosen group or user.
Just me: The add-in will be installed on your mail account.
Now proceed to the Deployment Method.
Select the Deployment Method option (it is recommended to choose the option Fixed (Default)).
Fixed (Default)
Available
Optional
After selection, click Deploy.
After deployment is successful, click Next and then Finish to complete the process.
The add-in will now appear in the Add-in list.
A message will appear to say that your add-in has been deployed.
You will also receive an email notification confirming your successful deployment. Important note: It will take up to 12 hours for the add-in to be displayed on users' ribbons - users might need to relaunch Office.
Once the deployment completes, to test that it is successful, launch the applicable Office app to confirm that the add-in is present on the ribbon.
You can force the list of installed add-ins to refresh by launching the Office app and navigating to the Insert tab > My Add-ins > Admin Managed.
Open your account on Office 365, and report an email as suspicious by using the Phishing Reporter installed on your account.
After the email is reported, you will receive a thank you message.
Now report an email using another device such as mobile to check that the add-in has been successfully installed and deployed. After the email is reported, you will receive a thank you message.
Deployment on Exchange can be executed in Exchange 2013 and above versions.
First, download the Phishing Reporter XML add-in on the exchange server. Then, customize the script shared below for your environment.
As the last step, save the script you have edited and run it via the Exchange command line. We have described how to connect to the Exchange command line here.
Within 24 hours, the add-in will be visible to the relevant users as follows. This image was taken from Outlook Web Access (OWA). The add-in can work on OWA, as well as on Outlook Mobile and Outlook Desktop. You can access the compatibility list from the address specified here.
You can connect to the Exchange command line with the below Powershell script.
First, go to script.google.com and click on the New Script button.
Click the “Use Legacy Editor” button.
The new script file that is opened is saved with a project name.
In the Code.gs, paste the Script code provided by Platform to you and save it.
Then follow View> Show manifest file path and create the appscript.json file.
Then copy and save the Manifest code provided by Platform to the screenshot below.
Go to console.cloud.google.com and create a new project.
Name your project and select its location. Then click on the Create button to start your project.
Following the creation of the project, go to the API & Services page. Open the OAuth content screen page from the Credential tab. Select Internal and click Create.
On the OAuth content screen, select the logo, fill in the required fields, and then click the Save and Continue button. After that, click the save and continue button again without making any changes on the Scope screen. Then click Back to Dashboard.
Following the saving of the OAuth content screen, go to the API & Services page. Open the Library page. Then search Gmail API and enable it.
Then go to project settings by clicking the Project settings button like in the screenshot below.
Copy the Project number value on the Project Settings page.
Follow Resources> Cloud Platform project path on script.google.com.
Then, on the Cloud Platform project page, paste the Project number in the field and then click the Set Project button.
Then confirm the project change.
After the project change is confirmed, the change becomes successful.
On the Library page, search for the word Market and find the Google Workspace Marketplace SDK and click on it.
On the Google Workspace Marketplace SDK page, click the Enable button and activate SDK.
After activating the Google Workspace Marketplace SDK, go to the script.google.com and click Publish > Deploy from manifest and then Click Get ID and copy Deployment ID.
Go to the App Configuration tab and paste Deployment ID, upload the logos provided by Platform and fill in the required fields.
Before saving, do not forget to select the Private option. Then click save.
After saving, go to the Store Listing, upload the logos provided by Platform and fill in the required fields and click Publish.
Then click the application marketplace link after Approved.
In the application market, find the add-in click on the Domain Install button to start the distribution/deployment process. Click Continue to start the extension distribution.
Then accept the necessary permissions. After the permissions are accepted, the deployment is successfully completed.
It may take up to 24 hours for this app to be installed for your entire Google Workspace domain or organizational unit.
To function properly, Phishing Reporter periodically makes HTTP & HTTPS requests to specific Platform resources located on the cloud or intranet. In order for Outlook attachments to maintain their communications seamlessly, whitelist addresses are required [defined below] for web gateways to which they are connected.
For cloud customers, https://dashboard.keepnetlabs.com/
For on-premise customers, http(s)://IpAddress/*
Title
Description
Add-in Manifest File Path
The file path where the add-in is on disk
-UserList
The email addresses of the users that the add-in is to be installed (you can separate more than one email with a comma)
Title
Description
YourExchangeAdminUsername
Username of your Exchange admin account
YourExchangeAddress
The address of your Exchange environment