An internal domain is a domain owned or controlled by your organization. Cloud App Security uses internal domains to identify trusted email
traffic from incoming email messages. Advanced Threat Protection policies will disregard
email
messages that transmit through your internal domains according to the policy configurations.
That is, when Advanced Threat Protection policies apply to incoming email messages
only, no
policy violations will be triggered for the internal domains.
Internal domains apply to policies for Microsoft 365 services and Gmail, and these
domains can be added to the approved URL list to exclude from Web Reputation scanning.
Internal domains also apply to Exchange Online and Gmail policies as global
settings for advanced message scanning and detection against BEC attacks.