Objective
Prevent specific users (or all users) in your organization from receiving emails sent from external domains (outside your Microsoft 365 tenant).
Prerequisites
- You must be assigned the Exchange Administrator or Global Administrator role in Microsoft 365.
Steps to Configure the Restriction
1. Access the Exchange Admin Center
- Go to: https://admin.exchange.microsoft.com
- Sign in with your admin credentials.
2. Navigate to Mail Flow Rules
- In the left-hand navigation pane, select Mail flow.
- Click on Rules.
3. Create a New Rule
- Click + Add a rule > Create a new rule.
4. Configure the Rule Settings
-
Name the rule something descriptive, e.g.,
Block External Emails to [User/Group]. -
Under Apply this rule if…:
- Select The recipient is → choose the specific user(s) or group(s).
- Add another condition: The sender is located → select Outside the organization.
-
Under Do the following…:
- Choose Reject the message with the explanation.
- Enter a custom message, e.g.,
"This recipient is not authorized to receive emails from external senders."
-
Leave other settings as default unless specific customization is needed.
5. Set Rule Mode
- Under Choose a mode for this rule, select Enforce.
6. Save and Apply
- Click Next, review the configuration, and click Finish to activate the rule.
Optional: Add Exceptions
If you want to allow certain external domains or addresses, you can:
- Add an exception under “Except if…” such as:
- The sender's domain is → specify trusted domains (e.g.,
partnerdomain.com).
- The sender's domain is → specify trusted domains (e.g.,
Testing the Rule
- Send a test email from an external address to the restricted user.
- The message should be rejected with the custom explanation you configured.
Notes
- This rule only affects inbound external emails. Internal mail flow remains unaffected.
- You can modify or disable the rule at any time from the Mail flow > Rules section.
Comments
0 comments
Please sign in to leave a comment.