From the Microsoft 365 admin center, choose Show more > Admin centers > Security & Compliance.
Choose Threat management > Policy.
From the policies available, choose Anti-malware.
On the Anti-malware page, double-click the Default policy to open it, and then choose settings.
Under Common Attachment Types Filter, choose On to block sending and receiving of the file types in the list.
Optionally, add or remove file types from the File Types list.
To receive a notification every time a message containing one of these file types is blocked, select the two check boxes under Administrator Notifications and enter your email address for both.
To customize the message that is sent when a file type is blocked, select Use customized notification text and fill in the required fields.
If you want to add another policy, choose the plus (+) sign at the top of the Anti-malware page, and then repeat these steps.
From the admin center, select Show more, Admin centers, then Security & Compliance.
Select Threat management, then Policy. Select Anti-malware. Double-click to open the default policy.
Then select settings. Under Common Attachment Types Filter, select On. By default, this blocks sending and receiving the file types in the list. You can add or remove file types from here.
To receive a notification every time a message containing one of these file types is blocked, check the two notification boxes and type your email address in the recipient field. You can optionally customize the message that is sent when a file type is blocked.
Select Save, and you're done. To add additional policies, select the plus (+) sign.
The message you receive when a file is blocked looks like this.