Geolocation Exceptions for inbound SMTP
I would like to clarify that I have the use of exceptions correct in the Geolocation service. I have an SMTP proxy for inbound email (port 25) and using the Geolocation service I have blocked most countries other than North America and some other countries in the world with which we do business. In certain cases we have a vendor or customer, located in North America or not, who uses email hosting services from a country that is not where they reside and which is on our block list of countries. We have seen this where the user is on Microsoft 365 in some way and although their corporate offices may be in France which is allowed on our Geolocations list, their email originates from a Microsoft server in a different country which is on our block list. To allow this I have set up an exception for a FQDN of (example) sendfromhere.com. So is this the correct formation of the exception or should it be @sendfromhere.com or *@sendfromhere.com? to allow all emails from that domain to pass through the firewall. The Watchguard documentation seems to indicate that the first format is correct but I am not sure of this and it is difficult to test as I am located in North America.
A follow up question is whether I can see the domains of the senders of emails that have not passed through to our mail server as a result of Geolocation filtering in logs