The Blocked Lists for Exchange Online specify the blocked senders, URLs, and SHA-1 hash values for your organization through the Threat Remediation API. Email messages that match any item in the lists will be automatically quarantined by Cloud App Security.
After the blocked lists are configured, a message Blocked Lists for Exchange Online enabled displays on the Advanced Threat Protection screen for Exchange Online policies. The blocked lists apply to all targets in the enabled Exchange Online policies and take precedence over the configurations in these policies.
For more information about how to manage the token, see Generating an Authentication Token.
For more information about how to use this API, see Supported Cloud App Security Automation APIs.
Blocked Senders: email address that an email message is sent from
Blocked URLs: URL that is included in an email message
Blocked SHA-1 Values: SHA-1 hash value of an email attachment
In this release, you can only view the blocked lists on the management console. To add or remove a blocked item, use the Threat Remediation API.