Creating Office 365 Safe Links Policy and Rule using PowerShell

To create a new Safe Links policy and rule a connection to Exchange Online Protection needs to be created.

Establish a connection to Exchange Online Protection by doing the following.

$UserCredential = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

Once the session has been created run the following to import the new session.

Import-PSSession $Session -DisableNameChecking

To create the policy, we need to understand what it is the policy need to achieve.

• The policy is enabled.
• Users aren’t allowed to click through to the original URL. This is the default value of the AllowClickThrough parameter, so you don’t need to specify it.
• Users that click on URLs identifies as malicious are tracked for monitoring.
• Urls should be Scanned
• Should be enabled or Internal senders as well

New-SafeLinksPolicy -Name "Accounts Block URL" -IsEnabled $true -TrackClicks $true -ScanUrl $true -EnableForInternalSenders $true

Now that a Safe links policy has been created, we need to apply a Safe links rule for the newly created policy.

The safe links rule also has a set of criteria that we need to match and those are.

• The rule is associated with the Safe Links policy named Accounts Block URL.
• The rule applies to members of the group named Accounts.
• The rule doesn’t apply to members of the group named Accounts Department Managers.

New-SafeLinksRule -Name "Accounts URL Rule" -SafeLinksPolicy "Accounts Block URL" -SentToMemberOf "Accounts" -ExceptIfSentToMemberOf "Accounts Department Managers"

To get a list of Safe Links Policies you can run:

 Get-SafeLinksPolicy

To get a list of Safe Links Rules you can run:

Get-SafeLinksRule