O365 Email URL Block Work Instruction

This work instruction will allow an administrator to create a block for a specified URL, if this URL is detected in any emails they will be quarantined.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Procedure Scope: Administrators

Required Group Membership: Admin.EmailSecurity

  1. Navigate to Tenant Allow/Block Lists – O365 Defender, select Block under the URLs tab.
  2. In the following window, you can specify the URL including subdomains or paths (max limit of 20). Specify the timeframe as Never Expire and provide a reference point for fellow administration on why the block has been instated. Click Add.

You're Finished!

You should have successfully blocked the specified URL from being present in inbound or outbound email. Email messages that contain these blocked URLs are blocked as high confidence phishing. Messages that contain the blocked URLs are located in the administrative quarantined queue. For any other problems or questions, reach out to us!