M365 security recommendations on Block-Listed domain


Don't know if this is the correct place to post my question, but here we go.

I'm busy on baselining some tenants for customers and I'm struggling with the allow-listing and block-listing of domains to allow sharing and collaborating.


Allow-listing all the domains is quite impossible due to the nature of the business, but at least we should be able to block-list certain domains.


To do so, I'm trying to find a list of domains which are untrustworthy, and which should definitely be blocked. This as an alternative solution....

In the meantime I'm also building the allow-list, as I know this should be the way to go off course :smile:


Any help is welcome, or some feedback from peers who went through the same experience.


Thanks already!

0 Replies