Articles in this section

See more

Microsoft do-not-rewrite Links

Avatar
Mitchell Dyer
  • Updated
Follow

Set up a custom do-not-rewrite URLs list using Office 365 ATP Safe Links

With Office 365 Advanced Threat Protection (ATP), your organization can have a custom blocked URLs, such that when people click on web addresses (URLs) in email messages or certain Office documents, they are prevented from going to those URLs. Your organization can also have custom "do not rewrite" lists for specific groups in your organization. A "do not rewrite" list enables some people to visit URLs that are otherwise blocked by ATP Safe Links in Office 365.

This article describes how to specify a list of URLs that are excluded from ATP Safe Links scanning, and a few important points to keep in mind.

Set up a "do not rewrite" list

ATP Safe Links protection uses several lists, including your organization's blocked URLs list and the "do not rewrite" lists for exceptions. If you have the necessary permissions, you can set up your custom "do not rewrite" lists. You do this when you add or edit Safe Links policies that apply to specific recipients in your organization. 

To view or edit a custom "do not rewrite" URLs list

  1. Go to https://protection.office.com and sign in with your work or school account.

  2. In the left navigation, under Threat management > Policy > Safe Links.

  3. In the Policies that apply to specific recipients section, choose New (the New button resembles a plus sign ( +)) to create a new policy. (Alternatively, you can edit an existing policy.)
    Choose New to add a Safe Links policy for specific email recipients

  4. Specify a name and description for your policy.

  5. In the Do not rewrite the following URLs section, select the Enter a valid URL box, and then type a URL, and then choose the plus sign (+).

  6. The URL's that need to be added are the following:

         Csatraining.online
         Csaphishtest1.co.uk
         Csaphishtest2.co.uk
         Csalearn.co.uk

         Csadonotclickthis.co.uk
         Csadonotclickme.co.uk
         Csadonotclickme-simulatedmalware.co.uk
         Csadonotclickme-simulatedransomwaredownload.co.uk
         Csadonotclickme-simulatedcatchpassword.co.uk
         Csaeducation.co.uk
         gdpreducation.co.uk

    7. In the Applied To section, choose The recipient is a member of, and then choose the group(s) you          want to include in your policy. Choose Add, and then choose OK.

    8. When you are finished adding URLs, in the lower right corner of the screen, choose Save.

 

 

The following table lists examples of what you can enter and what effect those entries have.

Example Entry What It Does
contoso.com Allows recipients to visit a site like https://contoso.com but not subdomains or paths.
*.contoso.com/* Allows recipients to visit a domain, subdomains, and paths, such as https://www.contoso.comhttps://www.contoso.comhttps://maps.contoso.com, or https://www.contoso.com/a.

This entry is inherently better than *contoso.com*, because it doesn't include potentially fraudulent sites, like https://www.falsecontoso.com or https://www.false.contoso.completelyfalse.com
https://contoso.com/a Allows specific recipients to visit a site like https://contoso.com/a, but not subpaths like https://contoso.com/a/b
https://contoso.com/a/* Allows specific recipients to visit a site like https://contoso.com/a and subpaths like https://contoso.com/a/b

Related articles

Comments

0 comments

Please sign in to leave a comment.