Why is Outlook 2007 ignoring my command to append a text file to my user's Safe Senders lists?

Posted on 2010-11-16
Last Modified: 2012-05-10
Greetings -

I have a Group Policy deployed in my environment for Outlook 2007 that does two things related to the Junk E-mail Safe Senders list:

1.  Specifies the path to a text file located on the user's workstation that contains a simple list of domain names.

2.  Flips the registry value JunkMailImportLists to "1" to tell Outlook to import the Safe Senders list each time it launches.  The path to this value is: HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Options\Mail

This configuration worked fine for a long time.  Sometime in the past few months, I have no idea when, this stopped working.

I have Exchange 2010 and Office 2007 in my environment.  I'm wondering if my upgrade to Exchange 2010 might be causing the Outlook client to behave differently, or if a patch Microsoft released for Outlook broke this functionality but either way: the text file I specify is no longer appended to Outlook's Safe Senders list anymore.  It flat out ignores it.  Regardless of what I put in the Safe Senders text file now, Outlook does not import the values.

The web is loaded with inconsistent information on how to configure a GPO for importing a Safe Senders list throughout an enterprise.  I worked with Microsoft Premier on this configuration and it *did* work for months.  I've set the JunkMailImportLists registry key which was missing from the original Office ADM file - a known bug.  I've configured the proper path to the file, the file exists, and this issue happens on any profile on any workstation.  So I'm at a loss here.

Before I call Premier, I wanted to know if anyone else has seen this behavior.  When upgrading to Exchange 2010, did your import stop working?  Has a patch broken this?  Any other input?
Question by:amendala
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
LVL 20

Expert Comment

ID: 34149916
Not sure I set this up for my last company, which they had Outlook 2003.   Its not a great change for 2007.   I have attached my proedure how I set it up.    I understand this was already working for you at one time, but I would go over this doc to see if it kicked off a lightbulb.

Is the share for the text file up and accessible?  

Author Comment

ID: 34149961
Yeah I reviewed your Doc and it's nearly identical to what I'm doing.  The only difference is, the safe senders list is a file local each workstation, not up on a share.  I push the file to the workstation using Group Policy Preferences.  It is accessible.

I've tried pointing it to a copy of the file on sysvol as well and it makes no difference so I've taken permissions issues off the list of potential problems at this point.

Frustrating for sure...
LVL 20

Expert Comment

ID: 34149995
This might be a pain...but what about creating a test see if it works?  
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 34150012
What do you mean create a test GPO?  I've already got a GPO in place with this functionality.  You mean recreate it entirely?

The GPO's values are definitely getting written to the registry.  I can validate that manually.  The safe senders list path is properly published as well as the JunkMailImportLists value.

I'm confused as to what you're asking.
LVL 20

Expert Comment

ID: 34150130
Yes recreate it entirely...or create a test GPO and apply it to only one user to see if it works.   There might be something wrong with your orginal GPO.    Do you see the last time to orginal gpo was modified?

Author Comment

ID: 34150262
Well if the registry values are there for the safe senders file and the JunkMailImportLists value is set correctly, regardless of the GPO's health, Outlook should append the list.

But just for troubleshooting sake, I did recreate the entire GPO, applied it only to my computer and user accounts, denied the old GPO via security filtering, ran gpupdate and I get the same result.  The registry entries are proper, Outlook doesn't listen.

Author Comment

ID: 34155564
I have a suspicion that this behavior began when we upgraded our Exchange 2007 environment to 2010.  Tough I have no idea where the settings are that would cause the client to behave this way.  Perhaps Exchange 2010 maintains tight, centralized control over an aggregated safe senders list or something that causes Outlook to ignore what I'm telling it.

Anyway, doesn't seem like there's a solution to the problem.  I'll leave the question open for a few more days and if I end up talking to Microsoft Premier, I'll post what I learned here.

Accepted Solution

amendala earned 0 total points
ID: 34285213
Microsoft Premier has confirmed that this functionality is by design.  The Safe Senders list is designed to be created and deployed via Exchange 2010 through Edge Transport functionality.  Obviously, inner-domain traffic will follow the rules of domain trust and by default, all those E-mail addresses will be trusted senders.  For external mail, Microsoft wants you to leverage the Safe Senders list management functionality with in Edge Transport to maintain a global list.  For the local list on each user's Outlook instance, it is up to the user to manage that.

Author Closing Comment

ID: 34324388
Premier confirmed behavior is by design.

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question