cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

bulk block the IP addresses in exchange online?

Test SharePoint
Brass Contributor

‎Apr 01 2019 12:09 PM - last edited on ‎Feb 01 2023 10:23 AM by

‎Apr 01 2019 12:09 PM - last edited on ‎Feb 01 2023 10:23 AM by

bulk block the IP addresses in exchange online?

We check the regular sign-in attempt failures in Azure ctive directory and block multiple IP addresses from the Exchange online admin center.

We have atleast 40-50 IP addresses to be blocked in each instance. I dont see any option to bulk block the IP addresses in connection filtering in exchange online.

 

I didn't find any PS script either. Any leads would be appreciated.

Labels:
9,185 Views
1 Like
6 Replies
Reply
6 Replies
Christopher Hoard

‎Apr 01 2019 01:07 PM

‎Apr 01 2019 01:07 PM

Re: bulk block the IP addresses in exchange online?

Hi,

Use Powershell to set the Connection Filter Policy

https://docs.microsoft.com/en-us/powershell/module/exchange/antispam-antimalware/set-hostedconnectio...

Hope that answers your question

Best, Chris
0 Likes
Reply
Test SharePoint

‎Apr 01 2019 01:20 PM

‎Apr 01 2019 01:20 PM

Re: bulk block the IP addresses in exchange online?

@Christopher Hoard : thanks for your reply. 

 

I had one doubt: the IP addresses which I want to block do not have a specific range. For eg:

 

Following are the samples which I want to block:

1.255.70.86

119.146.145.50

123.20.162.164
180.248.139.10
14.247.25.62
61.160.25.118
97.34.128.216
219.154.66.223

 

Sometimes I have to block 200 of these different IP addresses.  Is there any other way to achieve this?

thank you again

 

1 Like
Reply
Christopher Hoard

‎Apr 01 2019 02:29 PM

‎Apr 01 2019 02:29 PM

Re: bulk block the IP addresses in exchange online?

Hi!

See the examples in that article - they don’t need to be in ranges you would just have them in commas and separated by dashes.

Hope that helps!

Best, Chris
0 Likes
Reply
best response confirmed by Test SharePoint (Brass Contributor)
Vasil Michev

‎Apr 01 2019 11:22 PM

‎Apr 01 2019 11:22 PM

Solution

Re: bulk block the IP addresses in exchange online?

Looks to me like you want to block auth attempts, not messages coming from those IPs, right? If so, the best way to do it is via Client Access Rules, which allow you to specify allowed/blocked IPs per protocol: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/...

 

Or you can even block legacy auth altogether via auth polices: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authen...

0 Likes
Reply
Test SharePoint

‎Apr 22 2019 09:16 AM

‎Apr 22 2019 09:16 AM

Re: bulk block the IP addresses in exchange online?

yes, this looks good. thank you guys!

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Test SharePoint (Brass Contributor)
Vasil Michev

‎Apr 01 2019 11:22 PM

‎Apr 01 2019 11:22 PM

Solution

Re: bulk block the IP addresses in exchange online?

Looks to me like you want to block auth attempts, not messages coming from those IPs, right? If so, the best way to do it is via Client Access Rules, which allow you to specify allowed/blocked IPs per protocol: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/...

 

Or you can even block legacy auth altogether via auth polices: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/disable-basic-authen...

View solution in original post

0 Likes
Reply