Share via

Retrieving the list of any Public IP address sending email to my Exchange Online tenant?

EnterpriseArchitect 5,666 Reputation points
2025-02-14T04:56:46.91+00:00

How can I know which other Public IP addresses are still using the MX records or sending emails to my Exchange Online MX records?

I need to lock down the email inbound and outbound flow only from a dedicated Anti Spam Filter service I am using the Exchange Online Connectors page: https://admin.cloud.microsoft/exchange#/connectors

 

Microsoft Exchange Online
Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,446 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,746 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,791 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
2,229 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alex Zhang-MSFT 5,055 Reputation points Microsoft Vendor
    2025-02-14T07:47:42.5833333+00:00

    Hello, @EnterpriseArchitect,

    Welcome to the Microsoft Q&A platform!

    To identify which public IP addresses are using your MX records or sending emails to your Exchange Online MX records, you can use the message trace feature in the Exchange admin center (Message trace in the new EAC in Exchange Online | Microsoft Learn). This will help you identify the IP addresses of the senders.

    User's image

    Then use an MX lookup tool to check your domain's MX records and see which mail servers are listed. This can help you verify if your MX records are correctly pointing to your anti-spam filter service. You can use tools like UptimeRobot's MX Lookup to check your MX records.

    To lock down the email flow to only accept mail from your dedicated anti-spam filter service, you can create an inbound connector in Exchange Online. When configuring the connector, make sure to only accept mail from the IP addresses of your anti-spam filter service.

    Then you can use PowerShell to create an inbound connector with IP restrictions, replace <IP1>,<IP2>,<IP3> with the actual IP addresses of your anti-spam filter service.

    New-InboundConnector -Name "Anti-Spam Filter" -RequireTls $true -ConnectorType Partner -SenderDomains * -RestrictDomainsToIPAddresses $true -SenderIpAddresses <IP1>,<IP2>,<IP3>

    For reference, please visit How to configure Microsoft 365 to only accept mail from third-party spam filter - ALI TAJRAN.

    (Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.)

    Finally, enable Enhanced Filtering for Connectors (Enhanced filtering for connectors in Exchange Online | Microsoft Learn) to ensure that your anti-spam filter service is trusted and that legitimate emails are not misclassified.

    By following these steps, you can effectively manage and protect your email flow. Should you need more help on this, you can feel free to post back. 

    If the answer is helpful, please click on “Accept answer” as it could help other members of the Microsoft Q&A community who have similar questions and are looking for solutions.

    Thank you for your support and understanding.

    Best Wishes,

    Alex Zhang

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.