Use this operation to add or remove email senders, domains, and IP addresses from the Tenant Allow/Block list in Microsoft Defender for Email.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: Email Security
Domain: Sender Allowance Management, Sender Block Management
Modifies: Allowed Tenant Senders and Domains, Allowed Tenant IP Addresses, Allowed Spoofed Senders and Domains, Allowed Spam Senders and Domains
When to Perform this Operation
As Needed: Proactive or in Response to User/Security
Technical Description and Importance
Managing allowed email senders and domains ensures that essential communications are not blocked by security filtering mechanisms. This process enables organizations to maintain proper email functionality while reducing disruptions caused by false positives. By selectively allowing senders, domains, and IP addresses, organizations can enhance email security while maintaining necessary business operations. Continuous management of these lists helps prevent operational delays while aligning with email security configurations.
Management Options
- Allow a Sender or Domain
- Allow an IPv6 Address
- Allow a Spoofed Sender or Domain
- Allow a Spam Sender or Domain
Allow a Sender or Domain:
Purpose
Add an email sender or domain to the allow list in Defender for Email to prevent filtering.
Use Case
A trusted partner’s emails are being incorrectly marked as spam, requiring an explicit allow entry.
Allow an IPv6 Address:
Purpose
Add an IPv6 address to the allow list in Defender for Email to permit messages from a specific mail server.
Use Case
A known mail server with a static IPv6 address is being blocked, and mail flow must be restored.
Allow a Spoofed Sender or Domain:
Purpose
Allow a sender or domain that appears to be spoofed but is authorized for specific business needs.
Use Case
A legitimate service provider is sending email on behalf of an internal domain, triggering spoof detection.
Allow a Spam Sender or Domain:
Purpose
Add a sender or domain to the allowed spam list to prevent filtering based on spam detection.
Use Case
A bulk email sender (such as a newsletter service) is being marked as spam but is required for business communications.
| Operation | Action | Target |
| Allow a Sender or Domain | Addition | Allowed Tenant Senders and Domains |
| Allow an IPv6 Address | Addition | Allowed Tenant IP Addresses |
| Allow a Spoofed Sender or Domain | Addition | Allowed Spoofed Senders and Domains |
| Allow a Spam Sender or Domain | Addition | Allowed Spam Senders and Domains |
Allow a Sender or Domain
This operation adds a sender or domain to the allowlist, ensuring their emails bypass filtering mechanisms.
1. Defender for Email Submit and Allow Action
Allow an IPv6 Address
This operation adds an IPv6 address to the allow list in Defender for Email, ensuring mail servers using the address can send email without restriction.
1. Defender for Email IP Address Allowance
Allow a Spoofed Sender or Domain
This operation allows a spoofed sender or domain in Defender for Email, preventing it from being blocked based on spoofing detection.
1. Defender for Email Spoof Allowance
Allow a Spam Sender or Domain
This operation adds a sender or domain to the spam allow list in Defender for Email, preventing its messages from being marked as spam.
1. Defender for Email Spam Allowance
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.