O365 Email URL Allowance Work Instruction

This work instruction will allow an administrator to create a URL whitelisting for a link that has been falsely quarantined due to policy.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Procedure Scope: Administrators

Required Group Membership: Admin.EmailSecurity

  1. If an email is captured in Quarantine due to detected malware related to URL or File Attachments but you know that the source is reputable, gather the embedded link or file for the next step.
  2. Navigate to URL Submission – O365 Defender, select Submit to Microsoft for Analysis.
  3. A pop-up will be generated asking details pertaining to the URL, the hyperlink itself as well as if it was registered as a false positive or false negative. In our case we have had a URL mistakenly blocked and need it to be whitelisted instead. Select Submit once all of the items have been configured.
  4. A finalization prompt will be displayed showing that the items have been submitted for review. Select Done to proceed.

You're Finished!

You should have successfully allowed the falsely quarantined URL to now be accessible. For any other problems or questions, reach out to us!