Hi @ eg1995 ,
Impersonation policies only protect users within your organization from message attacks from impersonated senders. For external users receiving messages that impersonate addresses in your domain, you cannot protect them from your defender portal. Because this message doesn't flow through your tenant.If possible, we recommend that this external tenant also enable impersonation insights or use spam protection in their mail system.
Here is an article about Impersonation insight in Defender for Office 365 for your reference: Impersonation insight - Office 365 | Microsoft Learn
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.