Block all site except exchange online mail
-
For something computer I want to block all website except exchange online
Can you help me please?
I tried with the alias and rules but it doesn't work -
@matt911 said in Block all site except exchange online mail:
except exchange online
They, the "exchange online" service, will know the IP address they use. What about the good old 'ask them' ? We're all surprised every day what Google can tell us if asked correctly.
Most probably there will be more then one address.
You had your mission well defined : find them all, and add them to the alias.Also, think about this one : if you were a "exchange online mail" service, what will be you priorities ?
Most probably this one will be at the top of your list : "keep the service accessible at all times".
On the other hand, 'public' IP addresses can get DDOS, so their service are not available any-more.
This situation can be resolved by routing DDOS IPs away from the web mail service, and add others, up until then unknown IP addresses to the DNS pool.
This multi IP sharing also permits me (the service) to take a server off line, update or maintain it, while adding others IPs/server in place, to keep up with the load (demand).What I want to say is : it is hard, maybe close to impossible, to get your hands on the list of all the IP's they use. By now, you could understand that that list is somewhat 'secret'.
Btw : Who is 'they' ? exchange == microsoft ?
-
@gertjan
exchange online = microsoft
Thanks -
See: https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#exchange-online
You can just use the json list directly in pfBlocker-ng to get a list of IPs for office365, including Exchange, and it will be auto updated. It doesn't include IPv6 yet.
Steve