I found a setting that allows to unblock specific internal hosts and is respected by the SSRF Protection mechanism that is causing the WebHooks to be blocked in the first place:
Use the setting allowed_internal_hosts to specify which internal hostnames are allowed in your webhook.