Overview

Enforcing IP restrictions is absolutely critical to ensure complete protection of your mail server. Because hackers and spammers can easily bypass cloud services and target your server directly, mail servers protected by mymailsecurity should only accept SMTP connections from the mymailsecurity IPs listed below and deny all other traffic:

 

  • 69.84.129.224/27          (255.255.255.224)
  • 208.70.208.0/22            (255.255.252.0)

 

Office 365

In the Exchange Admin Center (EAC), click Mail Flow > Connectors. Then create an Inbound Connector to receive emails from mymailsecurity IP’s below:

 

  • 69.84.129.224/27 (255.255.255.224)
  • 208.70.208.0/24 (255.255.255.0)
  • 208.70.209.0/24 (255.255.255.0)
  • 208.70.210.0/24 (255.255.255.0)
  • 208.70.211.0/24 (255.255.255.0)

Exchange 2013

  1. Mail Flow, Rules, Create a new rule
  2. Apply this rule if, sender location is Outside the Organization
  3. Do the following – recommend reject or delete the message
  4. Click More options
  5. Add Exceptions for the mymailsecurity IP addresses
    • 69.84.129.224/27          (255.255.255.224)
    • 208.70.208.0/24            (255.255.252.0)
    • 208.70.209.0/24            (255.255.252.0)
    • 208.70.210.0/24            (255.255.252.0)
    • 208.70.211.0/24            (255.255.252.0)

Exchange 2007/2010

  1. Open the Exchange Management Console
  2. Navigate to Server Configuration > Hub Transport > Default Receive Connector > Properties > Network tab
  3. Under “Receive mail from remote servers that have these addresses:” find the entry that says 0.0.0.0-255.255.255.0 and delete it
  4. Under “Receive mail from remote servers that have these addresses:” click Add
  5. Input the first mymailsecurity IP range; repeat this step for each mymailsecurity IP
  6. Click on the Permission Group tab and ensure that anonymous delivery is allowed from our ranges
  7. Stop and restart the MSExchangeTransport service on the HUB transport server(s)

Exchange 2003

  1. Open the Exchange System Manager
  2. Expand Servers > Server Name > Protocols > SMTP > right-click “Default SMTP Virtual Server” (or the active receive connector name) and select Properties
  3. Navigate to the Access tab and then select the Connection button
  4. Remove any entries from previous providers or entries that have the IP range 0.0.0.0 – 255.255.255.0
  5. Click Add to enter a new IP restriction
  6. Select the group of computers option, insert the first IP range for mymailsecurity, set the subnet mask to 255.255.255.224 and click OK; repeat this step for each of the mymailsecurity IPs
  7. Restart the Simple Mail Transfer Protocol (SMTP) service to apply the changes

Feedback and contact

If you’ve spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.

This is invaluable to us to ensure that we continually strive to give our customers the best information possible.

Was this article helpful?
Dislike 0
Previous: How to submit missed spam and false-positives
Next: Configuration When Using Office 365