Locking Down O365 Connections

Scenario:

With the introduction of Vircom ModusCloud it is common practice that new security procedures will be required. This is true if the adoption of Vircom ModusCloud with Azure Office 365. One must be prepared to tighten or lock down Office 365 to only accept or receive emails from our cloud solution.

Tightening Security on O365 for Vircom ModusCloud: 

1- Sign-In to the Office 365 Admin portal.

2- Click on Admin menu this will launch Admin Center

3- In the Admin Center click on Show All.

4- Then click on Exchange under the Admin Centers which will launch the Exchange Admin Center.

5- Once in the Exchange Admin Center select Mail Flow - Rules.

6- Click the plus sign " + " and select Restrict messages by sender or recipient...

7- Provide the rule with a name. Then for "Apply this rule if ..." select "The Sender is located..." and "Outside the organization". 

7- For "Do the following..." select  "Reject the Message with the Explanation..." Then enter text "Unauthorized IP" and click OK.

8- Uncheck audit this rule with severity level.

9- For "Choose a mode for this rule" select "Enforce".

10- Click More options.

11- Click Add exception.

12- For "Except If... " select "The sender" then select "IP address is in any of these ranges or exactly matches".

13- In the windows that opens up, add the IP address from the 

 Vircom Ports & Configurations - Vircom ModusCloud labeled port 25 one by one. The list is listed below.

91.209.104.0/24

91.207.212.0/24

91.207.213.0/24

62.209.50.0/24

62.209.51.0/24

185.132.180.0/24

185.132.181.0/24

185.132.182.0/24

185.132.183.0/24

185.183.28.0/24

185.183.29.0/24

185.183.30.0/24

185.183.31.0/24

207.96.143.7

207.115.110.3

207.115.110.7

192.69.1.7

192.69.1.3

14- Click OK.

15- At this point the lock down rule should look as indicated below.

16- We strongly recommend you also another exception for calendar forwards after the "except if sender Ip address is in the range" ... there's a bug with O365 where calendar forwards are seen as external instead of internal emails.

• Click on add another exception
• Chose "Message header ."  
• Click on "Matches these text patterns" . 
• Click on "Enter text " then paste the following  "X-MS-Exchange-MeetingForward-Message" 
• Click on  "These text patterns"  enter the word "Forward"  
• Click on SAVE.   

17- Click Save.

Scenario: 

Office 365 is tagging messages coming from Vircom ModusCloud as spam and putting the messages in the user's junk folder.

Solution:

You need to tell O365 to trust Emails coming from Vircom ModusCloud

.

CONFIGURE OFFICE 365:

By-Pass Spam Filtering in Office 365

1- Sign-In to the Office 365 Admin portal.

2- Click on Admin menu this will launch Admin Center

3- In the Admin Center click on Show All.

4- Then click on Exchange under the Admin Centers which will launch the Exchange Admin Center.

5- Once in the Exchange Admin Center select Mail Flow - Rules.

6- Under the Rules page click on the Plus sign " + " and in the drop down menu select Bypass spam filtering.

7- In the new rule window, complete the required fields:

• Enter a value for Name (e.g."By-pass Spam filtering for Vircom ModusCloud ")
• For "Apply this rule if…" select "The sender...IP address is in any of these ranges or exactly matches”
  

8- Add IP address to the IP address list as provided below.

91.209.104.0/24

91.207.212.0/24

91.207.213.0/24

62.209.50.0/24

62.209.51.0/24

185.132.180.0/24

185.132.181.0/24

185.132.182.0/24

185.132.183.0/24

185.183.28.0/24

185.183.29.0/24

185.183.30.0/24

185.183.31.0/24

207.96.143.7

207.115.110.3

207.115.110.7

192.69.1.7

192.69.1.3

9- Type in the address followed by the clicking the plus sign " + " icon. This needs to be repeated for all IP addresses.

10- Ensure Set the spam confidence level (SCL) to is selected in the Do the following...menu and click Save.

11- Once back on the Rules page enable the rule by clicking the check box.