Microsoft Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Microsoft Defender

      Defender for Email Spoof Block

      This guide will show an administrator how to create a threat policy scanning block for a desired domain pair.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: Email Security

      Domain: Sender Allowance Management

      Modifies: Unsanctioned Spoofed Senders

      Defender for Email Spoof Sender Block

      1. Navigate to the Spoof Senders – Microsoft Defender portal, locate and select the Add action to initiate the allowance process. A pop-up will be displayed where you will specify the domain pairs within the Add domain pairs with wildcards field, specify the spoof type as External, and specify the Action as Block. Select Add to finalize the block creation.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.