Symptom:


When trying to take an action with messages in the a person's inbox using the spamreporter tool, either to report a spam or to block a message, generates a 403 error "Access Forbidden".


Cause:


The O365 tenant is locked-down to prevent any API access from external services.   



Issue:


When you click on any action in SRC365, a call is made to a central server here @ Vircom that has Vircom do an API call to Office365 to fetch information about the email you want to block/allow/report.  Namely header information (from/to/subject).  In some cases, clients have implemented extra hardening that causes O365 to reject any external connections to fetch information from the O365 tenant.  Basically a client Access Rule that restricts connections.


Fix:


Add these two IPs to your client access rules exceptions: 192.69.1.210 and 192.69.1.207

ClientAccessRule ExceptAnyOfClientIPAddressesOrRanges


https://docs.microsoft.com/en-us/powershell/module/exchange/set-clientaccessrule?view=exchange-ps


The IP Addresses are those belonging to our SpamReporter central server that handle these calls.