In the Security & Compliance Center, go to Threat management > Review > Restricted users.
Find and select the user that you want to unblock. In the Actions column, click Unblock.
A fly-out will go into the details about the account whose sending is restricted. You should go through the recommendations to ensure you’re taking the proper actions in case the account is actually compromised. Click Next when done.
The next screen has recommendations to help prevent future compromise. Enabling multi-factor authentication (MFA) and changing the passwords are a good defense. Click Unblock user when done.
Click Yes to confirm the change.
It may take 30 minutes or more before restrictions are removed.