Defender Tenant allow/block list

Brass Contributor



Could someone please she some light on the questions below. Thank you!

I need to fully understand what exactly the Tenant Allow/Block lists does is for the two features below. 

My understanding. 

  • domains and addresses are basically, domains I have manually tagged as allowed or block in the quarantine page.
  • Spoofed servers: allow external senders to send as your domain. But why not just add them to the SPF record.
2 Replies



I thought SPF, DKIM, DMARC little bit different at Email security Domain level but you can manage in Azure and Exchange Online environment:


Lots of support for DKIM within Exchange Online but M365 Family users with personalised email addresses still cannot enable it.