was just talking about this in another thread here. We have a URL list that resolves this. We haven't had to update it in awhile but it's easy enough if we have to.

\b(?:\d{1,3}\.){3}\d{1,3}\b\/filestreamingservice\/files\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*\/filestreamingservice\/files\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*.intunewin.bin
\b(?:\d{1,3}\.){3}\d{1,3}\b\/.*\/ctldl.windowsupdate.com\/msdownload\/update\/v3\/static\/trustedr\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/pr\/.*\/Office\/Data\/.*
\b(?:\d{1,3}\.){3}\d{1,3}\b\/d\/msdownload\/.*

so with this regex above for Microsoft Delivery Optimization what actions are you all allowing Browse, Download, Post, ect…??