M365 Changelog: Upcoming behavior change to the “DoNotRewrite” List

MC373889 – With the deployment of the Tenant Allow/Block List, as being the single source of truth for Tenant Allows, other mechanisms for Tenant Allows are being removed. This will give SecOps teams one place to manage all Tenant Allows.

Today, “DoNotRewrite” list is used to Skip

• wrapping URLs
• Detonation(SONAR)
• Verdicts.

The intended purpose of “DoNotRewrite” is to give tenants the ability to skip the wrapping of URLs. With the deployment of the Tenant Allow Block List, it is expected that all tenant allows (ex Detonation(SONAR) and Verdicts) shall be managed there.

When this will happen:

Microsoft will begin rolling this out in early June and expect to complete early July.

How this will affect your organization:

With this change, the Do Not Rewrite List behavior will be changed back to its intended purpose to skip the wrapping of URLs: Learn More

What you need to do to prepare

Review your “DoNotRewrite” URLs list(s) and ensure you have not added entries to it for uses other than to skip wrapping of URLs.