Microsoft 365's newest Mailbox Safe/Blocked Sender List Diagnostic will protect organizations from undetectable cyberthreats

Microsoft has released a new feature, Mailbox Safe/Blocked Sender List Diagnostic, in the Microsoft 365 platform that checks whether an email sender is on the safe (trusted) or blocked list.

In a blog post, the Redmond-based tech giant says the new Mailbox Safe/Blocked Sender List Diagnostic feature can only be used if IT admins have the recipient’s email address and the sender’s email address or domain.

The feature uses a specific command to do this check (Get-MailboxJunkEmailConfiguration), and it also makes sure these lists are accurate in Microsoft Entra ID (formerly Azure Active Directory). If it encounters any issues, it will try to fix them by syncing the lists.

The Mailbox Safe/Blocked Sender List Diagnostic feature will:

• Confirm if a sender is allowed or blocked by a recipient.
• Check if any issues are due to the lists being out of sync with Microsoft Entra ID.
• Sync the safe/block list to Microsoft Entra ID’s safe/block sender hash value.
• Provide insights on any problems preventing the sync, like list size issues.

Microsoft says that IT admin can check both individual email addresses and entire domains using the new capability.

Both individual addresses and domains are accepted parameters. If you enter the sender domain, the diagnostic will perform all the checks listed above, but only the block list domains will sync to Microsoft Entra ID. Syncing allowed domains may lead to the delivery of potentially harmful or unwanted messages.  

For those admins interested in using the new feature to keep their organizations safe, Microsoft has provided three examples, explained step by step. You can find them all on the official blog post.

Speaking of security, Microsoft enhanced Teams to give users a heads-up about phishing attacks. The new enhancement is rolling out to commercial customers this month.