diff --git a/defender-office-365/tenant-allow-block-list-email-spoof-configure.md b/defender-office-365/tenant-allow-block-list-email-spoof-configure.md index 253d8d6f32..a185ddd42e 100644 --- a/defender-office-365/tenant-allow-block-list-email-spoof-configure.md +++ b/defender-office-365/tenant-allow-block-list-email-spoof-configure.md @@ -54,7 +54,12 @@ This article describes how admins can manage entries for email senders in the Mi - An entry should be active within 5 minutes. - You need to be assigned permissions before you can do the procedures in this article. You have the following options: - - [Microsoft Defender XDR Unified role based access control (RBAC)](/defender-xdr/manage-rbac) (If **Email & collaboration** \> **Defender for Office 365** permissions is :::image type="icon" source="media/scc-toggle-on.png" border="false"::: **Active**. Affects the Defender portal only, not PowerShell): **Authorization and settings/Security settings/Detection tuning (manage)** or **Authorization and settings/Security settings/Core security settings (read)**. + - [Microsoft Defender XDR Unified role based access control (RBAC)](/defender-xdr/manage-rbac) (If **Email & collaboration** \> **Defender for Office 365** permissions is :::image type="icon" source="media/scc-toggle-on.png" border="false"::: **Active**. Affects the Defender portal only, not PowerShell): + - *Add and remove entries from the Tenant Allow/Block List*: Membership assigned with the following permissions: + - **Authorization and settings/Security settings/Detection tuning (manage)** + - *Read-only access to the Tenant Allow/Block List*: + - **Authorization and settings/Security settings/Read-only**. + - **Authorization and settings/Security settings/Core Security settings (read)**. - [Exchange Online permissions](/exchange/permissions-exo/permissions-exo): - *Add and remove entries from the Tenant Allow/Block List*: Membership in one of the following role groups: - **Organization Management** or **Security Administrator** (Security admin role).