Forum Discussion

Abhimanyu Singh's avatar
Abhimanyu Singh
Steel Contributor
Mar 25, 2021

ATP Safe Links - Legitimate OneDrive for Business links and Deep Links

ATP Safe Links is blocking legitimate OneDrive for Business links shared by our users internally.   We recently had a compromised user which was blocked by the anti-spam rules as expected.    The...
microsoft 365 defender
Abhishek_Agrawal's avatar
Abhishek_Agrawal
Icon for Microsoft rankMicrosoft
Mar 31, 2021

Abhimanyu Singh thanks for reporting the issue. We have not seen specific instance of this issue but thanks for filing the support ticket and we will get it investigated.

 

Thanks,

Abhishek Agrawal [MSFT]

Abhimanyu Singh's avatar
Abhimanyu Singh
Steel Contributor
Mar 31, 2021

Abhishek_Agrawal thank you.

 

The support ticket got closed and the issue was resolved by the back-end team. We had to temporarily whitelist the root URL with wildcards to disable ATP link wrapping to at least get the work going. Once resolved, we removed the whitelist. We also did a submission on root URL in the threat center, but that was marked as "completed" and we don't know what happened behind the submission nor whether that was even worthwhile! The entire process took 3-4 days.

 

However, it still is a mystery to me as to how in the first place ATP can block the root URL of OneDrive (https://org-my.sharepoint.com) instead of blocking the entire actual URL?