Microsoft 365 from GoDaddy Help

Configure URL Defense

URL Defense is a feature of Advanced Email Security that scans email messages for harmful links. By default, it rewrites links in the message body, except for encrypted messages. You must be an admin for your organization to configure URL Defense.

If a URL is rewritten, you'll see the following when you hover over it:
https://urldefense.proofpoint.com/v1/url?=...

Note: Only URLs within the message body can be rewritten. Any URLs in attachments can't be rewritten by Advanced Email Security.
  1. Sign in to Advanced Email Security. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
  2. Under Security Settings, select Malicious Content, and then select URL Defense.
    • If you can't see Malicious Content, you might need to contact our GoDaddy Guides to get access enabled.
  3. After you're in the URL Defense section, the following options can be enabled or disabled. Make the changes you want, and then select Save.
    SettingDescription
    Rewrite URLs that are located in DKIM signed messages

    Rewrite URLs found in DKIM signed messages.

    Note: DKIM is an email validation system designed to detect email spoofing and check that incoming mail from a domain hasn't been modified during transport. Rewriting URLs in DKIM-signed messages can break the DKIM signature.
    Rewrite URLs that are not located in an anchor tag

    Rewrite all URLs that aren’t included within an anchor tag in the source code of the email.

    Note: Anchor tags are used in HTML to tell a browser or email client where to direct a user when content, such as a URL or image, is clicked. Some email clients will automatically convert the text of a domain name or URL into a clickable link when it wasn’t originally sent as a link.
    Exclude URLs that contain specified domains/IP addresses

    Specify domains and/or IP addresses that, when found in a message URL, won't be rewritten.

    All entries need to be separated by a line, comma or semicolon.

    Exclude active domains associated with this organizationPrevent Advanced Email Security from rewriting any URLs in messages containing domains within the account.
    Exclude rewriting emails that are sent by specified senders

    Email addresses or domains entered in this text area won't have URLs in their message rewritten when sending to a customer using Advanced Email Security.

    Make sure to only enter explicitly trusted email addresses or domains here.

    All entries need to be separated by line, comma or semicolon.

    Exclude rewriting bare IP addresses in plain text emailsPrevent rewriting of IP addresses in a plain text email.
    Exclude rewriting URLs in plain text emailsWon't rewrite URLs contained in plain text emails.

More info