Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vladimir
Champion
Champion

How to deal with Microsoft's Office 365 ATP Outlook issues?

Microsoft, in their infinite wisdom, decided to prefix all links in Outlook 365 for Enterprise with ATP with:

https://nam04.safelinks.protection.outlook.com and pass the actual URLs as parameters for inspection.

Since client has a "No Wbmail" rule in their APPC/URLF, preceded by "Office 365 Enterprise" permit, this causing all the links with "outlook.com" to flop.

 

What is the best way of permitting these links to remain functional?

Create the 

.safelinks.protection.outlook.com app and add it to the categorization exemptions?

 

P.S. there is no HTTPS inspection in this environment, just categorization with the widgets.

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

That's what I'd do.
0 Kudos
ccarpediem
Explorer

Did you ever get this to work?  I'm in the same situation.  Need to block public hotmail/outlook.com, but need to enable the Office365 services such as SafeLinks ATP (https://xxxxx.safelinks.protection.outlook.com).  Thus far I haven't been able to get any override to work successfully (also no SSL inspection).  For my tests I've created rules like:

CPRule.PNG

This is how the custom application is configured

ATPCustomApp.PNG

And I've tossed in an override categorization like below just for good measure.

OverrideCat.PNG

However all attempts to access anything like xxx.safelinks.protection.outlook.com/xxxxxxxxxx does not get recognized by the first rule and is blocked by the second "Tony test hotmail block" rule.  Any other thoughts about how to best address this issue?

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events