By default, users are only allowed to authenticate within the same country as their country code/location attribute or email TLD suffix, or a specific group membership? E.g.: we are a multi-geo located org. We use various domain.countrycode email domains for regions. Can I create a default policy or rule that only allows AU (domain.com.au) to authenticate within Australia, and .co.uk to only authenticate in the UK?
By default, deny SharePoint access to specific domains within our org.
No, there is no functionality in AAD that will allow this. If you have such requirements, you should consider using AD FS (or in general any other method that redirects the auth process to on-premises or third-party) and implement the country login there.