Blocking or Allowing Emails in Exchange Online Protection
Last Modified on 24/01/2020 12:06 pm GMT
With the Exchange Online service, you have access to the Exchange Online Protection service for anti-spam and anti-malware functions.
At times, you may find a legitimate email has been marked as Junk (a false positive) and want to allow this through for future emails. Alternatively, you may have received an email that should be blocked or handled as spam (a false negative).
The Exchange Online Protection service allows you to block emails based on the address they come from and the IP address of the sending server.
It is not recommended to configure Allow policies for free-mail domains such as outlook.com or yahoo.com.
Block or Allow by Email Address
Log into the Microsoft 365 Admin Center using global admin credentials for the tenant: https://admin.microsoft.com
Under Admin Centers, select Exchange
Note: If you don’t see the Admin Centers section, press Show More
Go to ‘Protection > Spam Filter’
Double click on the Default spam configuration
Select either Allow lists or Block lists
Under Sender block/allow list, select the + icon
Enter the address to block with one-per line
Note: You can also add multiple entries per line separated by a semicolon.
Select OK
Select Save
Block or Allow by Domain
Log into the Microsoft 365 Admin Center using global admin credentials for the tenant: https://admin.microsoft.com
Under Admin Centers, select Exchange
Note: If you don’t see the Admin Centers section, press Show More
Go to ‘Protection > Spam Filter’
Double click on the Default spam configuration
Select either Allow lists or Block lists
Under Domain block/allow list, select the + icon
Enter the domain to block with one-per line
Note: You can also add multiple entries per line separated by a semicolon.
Select OK
Select Save
Block or Allow by IP Address
Log into the Microsoft 365 Admin Center using global admin credentials for the tenant: https://admin.microsoft.com
Under Admin Centers, select Exchange
Note: If you don’t see the Admin Centers section, press Show More
Go to ‘Protection > Connection Filter’
Double click on the Default Connection Filter
Select Connection Filtering
Under IP block/allow list, select the + icon
Enter the IP address you want to block
Note: You can block ranges of IPs by entering them in CIDR format (Only /24 & /32 are supported)