New to MCAS and I do not have direct access so bear with me.
Required use case: Block emails that contain sensitive keywords except where the mail recipient is a trusted partner (check domain part of email address is one of a list of trusted partners e.g. @microsoft.com).
Being told by my supplier that it is not possible to do in MCAS and need to set up in O365 Security & Comp Centre. They tell me that MCAS cannot check the mail recipient domain in the condition, only individual usernames that have been imported.
Any way I can do that in MCAS - to avoid rules in multiple places?