Forum Discussion

Copper Contributor

Oct 07, 2019

Solved

Simple Question about CAS and CA Policies

Several of my Exchange online accounts are subject to frequent login attempts by various means. Recently I have a bunch of attempts using IMAP from foreign countries. IMAP is disabled for that acco...

Cloud App Security

threat protection

VasilMichev
Oct 07, 2019
Best configure an authentication policy in Exchange, it stops those attempts before they even hit AAD: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online

VasilMichev

MVP

Oct 07, 2019

Best configure an authentication policy in Exchange, it stops those attempts before they even hit AAD: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authentication-in-exchange-online

Jim_Hill
Copper Contributor
Oct 08, 2019
VasilMichev Thanks very much. Because of your comment I looked up the method to create and apply a new authentication policy. I made one that blocked all basic authentication, then modified it to allow authenticated SMTP. Then I applied it on a per user basis. This seemed to work well and like you said it should stop it before it gets into the Azure AD. Thanks so much.