Blog Post

Microsoft Defender for Office 365 Blog

9 MIN READ

Email Protection Basics in Microsoft 365: Spam & Phish

Microsoft

Jun 30, 2022

Microsoft Support is excited to continue a blog series that will demystify how Microsoft 365 email protection works. This is the second part of the series, in which we will cover two common types...

Updated Jun 30, 2022

Version 2.0

configuration

detection

email protection basics

prevention

Secure Posture

alexhudish

Microsoft

Joined July 16, 2016

View Profile

Microsoft Defender for Office 365 Blog

Follow this blog board to get notified when there's new activity

alexhudish

Microsoft

Apr 25, 2023

MagicHair You can absolutely add allows using Tenant Allow/Block List, as per the next sentence in the article you referenced:

"Instead you use the Submissions page at https://security.microsoft.com/reportsubmission to report the email, email attachment, or URL to Microsoft as Should not have been blocked (False positive)."

Once you use the Submissions page, select "Should not have been blocked (false positive), and "Allow emails with similar attributes" - that creates a temporary and safe allow entry that you will see reflected in the Tenant Allow/Block List right away.

The possible delay you're mentioning is expected if Microsoft needs a bit of time to review your submission before we adjust the verdicts, but even that is now handled automatically if we need more time, and the entry will be removed from the Tenant Allow/Block List once we've learned it's safe.