Merge pull request #21277 from nithinnara/patch-7

chrisda · web-flow · commit a1e0bf4ebf03 · 2023-07-05T09:17:25.000-07:00
Update skip-filtering-phishing-simulations-sec-ops-mailboxes.md
diff --git a/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes.md b/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes.md
@@ -131,8 +131,6 @@ If your MX record doesn't point to Microsoft 365, the IP address in the `Authent
 
 > [!NOTE]
 > If you're using the [Built-in protection preset security policy](preset-security-policies.md#profiles-in-preset-security-policies) or your custom Safe Links policies have the setting **Do not rewrite URLs, do checks via SafeLinks API only** enabled, time of click protection doesn't treat phishing simuation links in email as threats in Outlook on the web, Outlook for iOS and Android, Outlook for Windows v16.0.15317.10000 or later, and Outlook for Mac v16.74.23061100 or later. If you're using older versions of Outlook, consider disabling the **Do not rewrite URLs, do checks via SafeLinks API only** setting in custom Safe Links policies.
->
-> By design, Safe Links sends a `HEAD` request to all URLs in the email message to determine what to do with the URL. Some phishing simulation vendors might show these `HEAD` requests as user clicks, so you might see two user clicks for a URL. This problem isn't an issue with Defender for Office 365. Ask your phishing simulation vendor to fix this problem by ignoring `HEAD` requests. 
 
 1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Email & Collaboration** \> **Policies & Rules** \> **Threat policies** \> **Advanced delivery** in the **Rules** section. Or, to go directly to the **Advanced delivery** page, use <https://security.microsoft.com/advanceddelivery>.
 
