Forum Discussion
Safe Links : Disable scanning for internal url's in Teams
Hi,
I got redirected by an admin from answers.ms to this community, so here's my question 🙂
We're using safe links in our environment, and have a "do not rewrite url" setup for our internal environment mydomain.intra, to make sure internal sites aren't checked.
We notice this is working in Outlook, but it doesn't work in Teams.
When users receive an internal url in teams, like https : [//] holidayrequests.mydomain.intra the link is still being checked, causing a delay since it's not publicly available.
Can someone shed a light on the following :
* How can we make sure these internal url's aren't verified by safe links in Teams? (most important question :-))
* We notice that for some users there is no redirect to Safe Links, and for others there is.
The safe links policy is configured for everyone though, so there shouldn't be a difference.
I verfied this with Fiddler. On my own Teams I don't see any redirects to be scanned by Safe Links, while for some other colleagues I clearly see the redirect).
Hi lyncer2013,
yes, regarding the Microsoft documentation, the recognition of internal domains in Safe Links policies for Microsoft Teams and Office web apps may not be as straightforward as whitelisting.
Reporting the issue and requesting to add the internal domain through https://security.microsoft.com/reportsubmission can be a workaround.Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
Hi lyncer2013,
Safe Links in Microsoft Defender for Office 365 offers URL scanning and rewriting for inbound email messages, along with time-of-click verification of URLs in emails, Teams, and supported Office 365 apps.
To ensure internal URLs aren’t verified by Safe Links in Teams, you need to adjust your Safe Links policies. You can create Safe Links policies that apply to specific users, groups, or domains.
The difference in redirect behavior among users could be due to different Safe Links policies applied to different users, groups, or domains. You should check the specific policies applied to the users who are experiencing the redirects.
For more information you can see these links:
Complete Safe Links overview for Microsoft Defender for Office 365 | Microsoft Learn
Set up Safe Links policies in Microsoft Defender for Office 365 | Microsoft LearnPlease click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)Hi
Thanks for the reply
We only have 1 policy and it's applied to all users.
In "Users and domains" -> "included recipient domain" we configured our email domain : ouremaildomain.comHi lyncer2013,
thanks for the update.
Microsoft Teams and Office web apps may not fully recognize the "Do not rewrite the following URLs" lists in Safe Links policies.
It means that users included in these policies might still experience Safe Links scanning for URLs in Microsoft Teams and Office web apps.Complete Safe Links overview for Microsoft Defender for Office 365 | Microsoft Learn
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
