Sender Domain Safelist
Trusted sender domains — IT helpdesk identities, HR system addresses, partner-portal domains — can be added to the safelist under the new Messaging Security tab in Feature Settings. Safelisted domains bypass the detection model entirely; no alert or event is generated for messages from those senders.
URL Safelist
Known-good URLs can be registered to exclude them from malicious link scoring. A safelisted URL stops contributing to detection decisions, though the message can still be flagged on other grounds.
Note: After this release, the Global safelist no longer applies to Teams. Existing global safelist entries will be automatically migrated to the Teams safelist.
These new safelist controls:
Reduce alert noise from known-safe senders, keeping the detection queue focused on real threats.
Give admins direct, audited control over safelist entries — no backend help required.
Ensure Teams-specific safelist management is scoped per tenant, with a full audit log on every change.
