Microsoft 365 Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Microsoft Knowledge Hub
      3. Microsoft 365 Defender

      O365 Email File Block Work Instruction

      This work instruction will allow an administrator to block a specified file from being present in an incoming or outgoing email.

      This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

      Procedure Scope: Administrators

      Required Group Membership: Admin.EmailSecurity

      1. Navigate to Tenant Allow/Block Lists – O365 Defender, select Block under the Files tab.
      2. In the following window you can specify a SHA256 file hash (max limit of 20). Specify the timeframe as Never Expire and provide a reference point for fellow administration on why the block has been instated. Click Add.

      You're Finished!

      You should have successfully blocked the specified file from being present in any incoming or outgoing mail. Email messages that contain these blocked files are blocked as malware. Messages that contain the blocked files are held in administrative quarantined queue. For any other problems or questions, reach out to us!