How to Block Specific Emails or Users in Microsoft 365 Using the Tenant Allow/Block List

In today’s cybersecurity landscape, protecting your Microsoft 365 (M365) environment from spam, phishing, and malicious emails is more critical than ever. One effective way to do this is by blocking specific senders or domains from reaching your users’ inboxes.

Whether it’s a suspected phishing attempt or persistent spam, Microsoft provides a built-in solution via Tenant Allow/Block Lists (TABL) within the Microsoft 365 Defender portal. This ensures that unwanted messages are quarantined automatically—without manual intervention from end users.

What is the Tenant Allow/Block List?

The Tenant Allow/Block List is part of Microsoft Defender for Office 365, enabling administrators to manage trusted and untrusted email senders across the entire M365 tenant. When you add a sender or domain to the Blocked list, any future emails from that source will be automatically sent to quarantine, helping protect your users from potential threats.

When Should You Use It?

• To block known phishing domains or suspicious senders
• To prevent spam campaigns from reaching mailboxes
• To respond quickly to emerging email-based threats
• To enforce organization-wide email security policies 

Steps to Block Email Addresses or Domains in Microsoft 365

Follow these steps to block a sender or domain using the Microsoft 365 Defender portal:

1️. Access the Defender Portal

Go to the Microsoft 365 Defender portal:
 https://security.microsoft.com

2️. Navigate to Threat Policies

In the left menu, go to:
Email & collaboration ➝ Policies & rules ➝ Threat policies

3️. Open the Tenant Allow/Block List

Under the Rules section, click Tenant Allow/Block Lists.

4️. Add a Blocked Sender or Domain

• Click the Blocked Senders tab.
• Click the + Add button.
• Choose whether you’re blocking a specific email address or an entire domain.
  
  Example:
  • Email address → baduser@example.com
  • Domain → spammerdomain.com 
• Click Submit to apply the block.

Note: Changes may take a few minutes to propagate across the tenant.

Important Considerations

• The blocked senders list is tenant-wide—it affects all users.
• This feature is integrated with Defender for Office 365 and works alongside other policies like Safe Links and Anti-Phishing.
• Always verify the sender before adding them to the block list to avoid false positives.

Stay Proactive, Stay Secure

Managing sender trust is an essential part of defending your Microsoft 365 environment. With the Tenant Allow/Block List, ServerAdminz recommends regularly reviewing and updating your sender policies to stay ahead of email-based threats.

Need help setting up advanced security for your Microsoft 365 tenant?
Get in touch with ServerAdminz—your trusted partner in managed email security and cloud infrastructure.