Add your domain name to trusted senders for all delegated Office 365 users

This post is part of our series on using PowerShell for bulk Office 365 management tasks on delegated customer tenants.

This one’s more about our vanity than anything else. Our ticketing system’s service tickets are in HTML format, and they include our logo and various other bits of branding:Outlook Email doesn't display pictures from non trusted senders

For many of our customers, Outlook prevents the automatic downloading of images, and displays this message:
Office 365 and Outlook Block Pictures In Email From Non Trusted Senders

If we want our customers to see these images without having to manually allow them, we can add our domain name to their trusted senders list.

Here’s a PowerShell Script that will add your domain to the Trusted Senders and Domains list for each mailbox in all of your customer’s tenants.

How to use the PowerShell Script to add your domain to all customer’s trusted senders list


  • You’ll need to have the Azure Active Directory PowerShell Module installed. Follow our quick guide for instructions.
  • You’ll need to have opened PowerShell as an Administrator, and ran:
    Set-ExecutionPolicy -ExecutionPolicy Unrestricted

Copy and paste the following script into Notepad, Visual Studio Code or your favourite text editor. Replace [email protected] with the email or domain you’d like to add, then save it as a PowerShell script with the extension .ps1. Run it using Windows PowerShell or PowerShell ISE.

# This is the cmdlet you'll need to edit with your own domain name or email address

$ScriptBlock = {get-Mailbox -ResultSize Unlimited | Set-MailboxJunkEmailConfiguration -TrustedSendersAndDomains @[email protected]'}}

# Establish a Windows PowerShell session with Office 365. You'll be prompted for your Delegated Admin credentials

$Cred = Get-Credential

Connect-MsolService -Credential $Cred

$customers= Get-MsolPartnerContract -All

Write-Host "Found $($customers.Count) customers for this Partner."

# For each of the contracts (customers), run the specified report and output the information.

foreach ($customer in $customers) { 

	# Get the initial domain for the customer.

	$InitialDomain = Get-MsolDomain -TenantId $customer.TenantId | Where {$_.IsInitial -eq $true}

	# Construct the URL with the DelegatedOrg parameter.

	$DelegatedOrgURL = "" + $InitialDomain.Name

	Write-Host "Changing setting for $($InitialDomain.Name)"

	# Connect to your customers tenant and run the script block

	Invoke-Command -ConnectionUri $DelegatedOrgURL -Credential $Cred -Authentication Basic -ConfigurationName Microsoft.Exchange -AllowRedirection -ScriptBlock $ScriptBlock -HideComputerName


The script will generate the following output as it runs:

Add Domain To Trusted Senders For All Office 365 Customers

Was this article helpful?

Related Articles