Best approach for contractor block policy

Hello there I need some assistance with your best approach for vendor block policy. I am thinking to create one policy with three rules 

• Block all vendors with the block AD group
• Vendors to allow emails to approved domains only 
• vendors to send email to external to organisation with ability to send to approve domains

Do you think this is a good approach by breaking down into three different rules ? Also I am bit confused with the conditions on the rule 2 and rule 3.

what would you your approach with complete breakdown ?