Update 9/12/2025: As of September 2025, Client Access Rules in Exchange Online are now fully deprecated and no longer supported across all organizations. This marks the completion of the phas...
Updated Sep 12, 2025
Version 2.0
Blog Post
This is a pretty dumb decision. Microsoft should let existing CAS rules work. The entire exchange community is facing one issue; without addressing the issue, they cannot deprecate the rules because they feel like doing it. Here is the situation.
1 - CAS rules provides the ability to block all access to EXO from specific IP addresses
2 - conditional access do not provide this option
3 - conditional access should provide option to allow Teams to work externally but block External outlook access , allow access to EXO outlook only from trusted IP addresses
It has been 2 years and Microsoft does not have any answer or solution; now they just want to deprecate it putting change organizations at risk.
We need to file a legal battle.