ValentinBersier
Copper Contributor
May 25, 2023

Security: impossible to restrict all ".zip" and ".mov" TLDs in the Tenant Allow/Block list

Please see screenshot below. Maybe I'm doing something wrong, but there is no help available for the syntax to use (the linked page in the tooltip doesn't contain that information).


6 Replies

  • RaksChauhan
    Brass Contributor

    Has anyone tried the advanced delivery config to get the Domain in? By using ~ either side?
    e.g. ~.zip~

    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide#scenario-left-and-right-tilde

  • NvGIT
    Copper Contributor

    Instead of using the Tenant Allow/Block lists you can make use of the Windows Defender Firewall which supports blocking of TLDs, the policy can be deployed via Intune.

    More information can be found here:
    https://techcommunity.microsoft.com/t5/intune-customer-success/announcing-enhanced-control-for-configuring-firewall-rules-with/ba-p/3664744

    Found another great source written by Jeffrey Appel:
    https://jeffreyappel.nl/block-gtld-zip-fqdn-domains-with-windows-firewall-and-defender-for-endpoint/

    • ValentinBersier
      Copper Contributor
      Hello,

      Yes, I immediately thought of blocking these in our firewall, but it doesn't protect users who check emails on their phone outside of the company network, for instance.
      This is the reason why I wanted to filter the emails before they even reach the users.
  • Solinus
    Copper Contributor
    Looking into the same thing. I see two issues here: blocking TLDs has never been allowed with the tenant block list. Also, a bigger issue is that when you enter .zip or .mov, MS recognizes them as file extensions and will see it as an error. I think we will have to wait for them to add the capability. I am going to look for another way.
  • ValentinBersier
    Copper Contributor

    With some search efforts I found the syntax:
    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide#url-syntax-for-the-tenant-allowblock-list

    Is there a way to block all domain names with a given TLD? I could not make it work.
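The ambiguity Solinus describes above (".zip" read as a file extension rather than as a TLD) is exactly what a mail-side check has to resolve. As an added example, not from this thread or from Microsoft, the Python below flags only URLs whose hostname ends in a watched TLD and leaves ordinary .zip/.mov file links alone; the email body and the WATCHED_TLDS set are constructed for the demo.

```python
import re
from urllib.parse import urlsplit

# TLDs this thread is worried about (constructed watch list, not a product setting).
WATCHED_TLDS = {"zip", "mov"}

# Rough URL matcher for plain-text mail bodies: scheme-prefixed or www.-prefixed.
URL_RE = re.compile(r"(?i)\b(?:https?://|www\.)[^\s<>\"']+")

# Constructed sample body mixing TLD-style hosts with ordinary file links.
SAMPLE_BODY = """Hi team,
your invoice is at https://billing-update.zip/login (please verify)
the archive is https://files.example.com/report.zip
watch the clip at http://www.corp-news.mov
and the legit video https://cdn.example.com/v/intro.mov
"""


def host_tld(url):
    """Return the hostname's final label (lower-case), or None if unparsable.

    Only the host is examined, so a path such as /report.zip never counts."""
    if not url.lower().startswith(("http://", "https://")):
        url = "http://" + url  # urlsplit only fills .hostname when a scheme is present
    host = urlsplit(url).hostname
    if not host or "." not in host:
        return None  # bare names such as "localhost" have no TLD
    return host.rstrip(".").rsplit(".", 1)[-1].lower()


def flag_urls(text):
    """Return every URL in text whose hostname ends in a watched TLD."""
    hits = []
    for m in URL_RE.finditer(text):
        url = m.group(0).rstrip(".,;:)")  # drop trailing sentence punctuation
        if host_tld(url) in WATCHED_TLDS:
            hits.append(url)
    return hits


if __name__ == "__main__":
    for hit in flag_urls(SAMPLE_BODY):
        print("watched TLD host:", hit)
```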