Hi @ Glenn Maxwell ,
The most recommended scenario for adding safe senders is to enter domains and email addresses in the tenant allow/block list.
For specific steps, please refer to the following：
We can't create allow entries for domains and email addresses directly in the tenant allow/block list.
Instead, we use the Emails tab on the Submissions page at https://security.microsoft.com/reportsubmission?viewid=email. When we submit a blocked message as Should not have been blocked (False positive), an allow entry for the sender is added to the Domains & email addresses tab on the Tenant Allow/Block Lists page.
In addition to this, you can use mail flow rules to designate external senders as safe senders.
For details, please refer to this link: Create safe sender lists | Microsoft Learn
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.