Skip to main content
Version: 25.10

JSON Configuration File

To customize the behavior of the Enki Outlook Classic Add-in, you can use a JSON configuration file. Create a file named config.json and place it in the add-in's installation folder.

Example Configuration File

{
  "reportSpam": true,
  "promptSendToExternal": true,
  "spamReportConfig": {
    "buttonText": "Spam Report",
    "contextMenuText": "Spam Report",
    "promptMsg": "Are you sure you want to report this email?",
    "icon": "icon.png",
    "promptType": "simple",
    "completePrompt": "Thank you for reporting suspicious email!",
    "submitTo": "security@email",
    "promptSend": false,
    "deleteSentItem": false,
    "deleteOriginal": true,
    "exportType": "eml",
  },
  "spamReportRules": [
    {
      "type": "headerExists",
      "value": "X-Mailer",
      "submitTo": "it.security@email",
      "completePrompt": "Thank you for reporting suspicious email!"
    }
  ],
  "externalPromptConfig": {
    "promptType": "simple",
    "promptMsg": "You are sending the email to $$externalcount$$ external recipients, are you sure to send this email?",
    "useGALCheck": true,
    "useSmtpDomainCheck": false,
    "externalSmtpDomains": [ ],
    "internalSmtpDomains": [ ],
    "resultHeader": "X-Enki-Result"
  }
}

Configuration Options

ParameterTypeDescription
exportTypestringSpecifies the file format for the reported email. The value could be "eml" or "msg".
reportSpamboolSpecify if enable spam report functionalities.
promptSendToExternalboolSpecify if enable send to external warning functionalities.
spamReportConfigobjectSpecify the configuration of the spam reporting function.
spamReportRuleslistSpecify the override rules of the spam reporting function.
externalPromptConfigobjectSpecify the configuration of the external recipient prompt function.

Spam Report Configuration

ParameterTypeDescription
buttonTextstringThe text displayed on the main reporting button.
contextMenuTextstringThe text displayed in the right-click context menu for reporting.
promptMsgstringThe message shown in the confirmation prompt.
iconstringThe file name or full path for the button's icon image. Supported format are PNG, ICO, BMP
promptTypestringThe style or complexity of the prompt dialog. Possible values are: simple, detail
completePromptstringThe standard success message shown after a report is successfully sent and no specific rule is matched.
includeSmtpHeaderboolIf true, the SMTP header of reported email will be automatically inserted as part of the report email body .
includeSmtpHeaderAsAttachmentstringIf true, and includeSmtpHeader is true, the SMTP header of reported email will be inserted as a text file attachment as part of the report email body .
emailSubjectstringThe subject of the report email. Support placeholder insertion.
submitTostringThe email address where reported emails are sent. Replace "security@email.com" with your team's address.
promptSendbooleanWhen set to true, this requires a user to manually send any email after being prompted about an external or unapproved recipient.
deleteSentItembooleanIf true, the reported email will be automatically deleted from the user's Sent Items folder.
deleteOriginalbooleanIf true, the reported email will be automatically deleted from the user's Inbox after it is reported.
exportTypestringSpecifies the file format for the reported email. The value could be "eml" or "msg".

External Prompt Configurations

ParameterTypeDescription
promptTypestringSpecifies the style or complexity of the warning dialog box that is displayed to the user.
promptMsgstringThe message displayed to the user. Support different placeholders listed in this document.
useGALCheckbooleanGlobal Address List (GAL) Check: If set to true, the system will check if a recipient's address exists in the organization's GAL. If it's not in the GAL, it's considered external.
useSmtpDomainCheckbooleanSMTP Domain Check: If set to true, the system will use the lists of internal/external domains to determine recipient status. This is the primary domain-based check.
externalSmtpDomainslistA list of specific domains that, even if they pass other checks, should always be explicitly counted as external for the purpose of triggering this prompt.
internalSmtpDomainslistA list of domains that are considered internal (part of the organization) and will not count towards the external recipient count.
resultHeaderstringThe name of the custom email header that is added to the message after the prompt action is taken. This header is typically used by downstream mail systems to log or track the user's decision (e.g., whether they proceeded with the send).

Note that the Add-In will assume all email recipients are internal when useSmtpDomainCheck is true and both externalSmtpDomains and internalSmtpDomains are empty.

Spam Report Prompt Override Rules

All the rules are evaluated in the order they specified in the config file.

ParameterTypeDescription
typestringThe condition for this rule: check if a specific email header exists. Supported values are headerExists,headerNotExists,headerValue
valuestringThe specific header being checked for. If the email contains the header specified in value, this rule is triggered.
submitTostringThe submission address for this specific rule (overrides the general submitTo if it were different, but here it's the same).
completePromptstringThe special success message displayed when this rule is matched. This is the key indicator that the rule is for a phishing simulation exercise.
additionalInfoContentstringThe text content that goes to additional info part of the report email.

Common Email Reporting Placeholders

PlaceholderDescriptionExample Value
$$subject$$The subject line of the original email that the user reported."Invoice overdue notice"

External Prompt Placeholders

PlaceholderDescriptionExample Value
$$externalcount$$The number of recipient that determined as external recipient.2
$$internalcount$$The number of recipient that determined as internal recipient.4
$$totalcount$$The total number of recipient6