SUPPORT.TWILIO.COM END OF LIFE NOTICE: This site, support.twilio.com, is scheduled to go End of Life on February 27, 2024. All Twilio Support content has been migrated to help.twilio.com, where you can continue to find helpful Support articles, API docs, and Twilio blog content, and escalate your issues to our Support team. We encourage you to update your bookmarks and begin using the new site today for all your Twilio Support needs.

Avoiding URL blocking by Microsoft Defender

Issue

Microsoft Defender blocks by default any link that uses sendgrid.net, warning that the website is classified as Malicious, and that opening the link might not be safe. 

 

Product

Twilio SendGrid (Email)

 

Cause

The default policy in Microsoft Defender is blocking websites associated with mass marketing, such as SendGrid. When Click Tracking is enabled and there is no link branding set up on the account (or there is no link branding associated with an specific sending domain), links are wrapped using sendgrid.net, starting as https://u*******.ct.sendgrid.net/ls/click?

 

Resolution

If Click Tracking is enabled on your account, our recommendation is setting up Branded Links for all your sending domains. However, this might sometimes lead to a similar blocking, although the cause of this new block will be different: The lack of a matching SSL certificate for the branded link. In this second scenario, the solution is following the steps to enable SSL Click tracking on the account. 

 

Additional Information 

You can refer to the following resources that are related to the actions or security errors mentioned in this article:

How to Disable or Turn Off Link Branding

Enabling SSL for Click and Open Tracking

Troubleshooting “ERR_CERT_COMMON_NAME_INVALID” Error for SSL

Have more questions? Submit a request
We can’t wait to see what you build.
Powered by Zendesk