Thursday 6 July 2017

Office 365 Exchange online Outbound email blocked by Spamhaus (CBL)

Seems MS can't give a straight answer, but users on some trials are reporting difficulties with sending email (internal and external) due to transport restrictions enforced by MS.

MS uses the Spamhaus CBL to match IP in the header of the sending device. X-Originating-IP

Generally block lists are used for abusive SMTP/email servers, but MS are using it against Exchange clients (Outlook / Active Sync and OWA). Presumably to kerb spammers abusing the trial.


Resulting in a NDR

Remote Server returned '550 5.7.501 Service unavailable, Client host blocked using Spamhaus. To request removal from this list see (AS16042849)'

The NDR will contain the IP of the actual device where the message was generated, not the Exchnage server IP, as it the case with some other platforms.

X-Originating-IP: []

The Fix:

Modify the default connection filter to allow these IP's

  • Use the EAC to edit the default connection filter policy - detailed here
  • Use powershell to add multiple (max 1273) subnets (max subnet size /24)
PS> $UserCredential = Get-Credential

PS> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

PS> $sn=@{Add="",

PS> Set-HostedConnectionFilterPolicy “Default” –IPAllowList $null
PS> Set-HostedConnectionFilterPolicy “Default” –IPAllowList $sn


Telstra Mobile IP's -
Powershell command ref above -
EAC - IPAllowList Limits -