cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Teams MTR - External Access Approval

Jeff Harlow
Iron Contributor

‎Jun 10 2021 08:56 AM

‎Jun 10 2021 08:56 AM

Teams MTR - External Access Approval

We have a MTR device that needs to be able to accept 3rd party invites (Webex, Zoom, etc.). So I have Set-CalendarProcessing ProcessExternalMeetingMessages set to true.  However, I am curious, what are people doing to prevent spamming their MTR rooms since that pretty much allows anyone to send an appointment externally? 

 

 

1,943 Views
0 Likes
5 Replies
Reply
5 Replies
Chris Webb

‎Jun 13 2021 10:30 PM

‎Jun 13 2021 10:30 PM

Re: Teams MTR - External Access Approval

I mean you could always setup content rules etc. for them and only accept email from certain domains etc. if you have issues with people abusing them. But honestly the only thing that will get processed is calendar invites etc. so other spam shouldn’t effect them.
0 Likes
Reply
Jeff Harlow

‎Jun 14 2021 05:15 AM

‎Jun 14 2021 05:15 AM

Re: Teams MTR - External Access Approval

Yeah, I noticed a post on the rules but that would only apply if you knew the domains that would be sending appointments (unless that would be the 3rd party). Cannot see that working unless you only had meetings with a selected few companies. I agree, it would only process invites. I am just thinking that this could become a target for malicious activity just to fill up calendar with a bunch of spam and cause problems.
0 Likes
Reply
Graham Walsh

‎Jul 01 2021 04:24 AM

‎Jul 01 2021 04:24 AM

Re: Teams MTR - External Access Approval

@Jeff Harlow I wrote a blog post here on securing the invites to devices Securing External Meeting Requests for Microsoft Teams Rooms | (graham-walsh.com)

0 Likes
Reply
Jeff Harlow

‎Jul 01 2021 05:24 AM

‎Jul 01 2021 05:24 AM

Re: Teams MTR - External Access Approval

Hey Graham, I follow your page and saw this post. The question I have, do you have to whitelist the actual 3rd party service, say zoom.us or webex.com or the customer/client that is sending the invite? We have hundreds of customers and the domains changes daily, so I cannot just whitelist their domain but if it is the 3rd party service, that would be doable.
0 Likes
Reply
Graham Walsh

‎Jul 01 2021 07:29 AM

‎Jul 01 2021 07:29 AM

Re: Teams MTR - External Access Approval

That is correct, you whitelist the mail that contains say *.webex.com, so that can process the invite as valid.
0 Likes
Reply