Symptom:
When you try to take an action on messages in a person's inbox using the SpamReporter tool, either to report spam or to block a message, the tool returns a 403 error, "Access Forbidden".
Cause:
The O365 tenant is locked down to prevent any API access from external services.
Issue:
When you click on any action in SRC365, a call is made to a central server at Vircom, which then makes an API call to Office365 to fetch information about the email you want to block/allow/report, namely header information (from/to/subject). In some cases, clients have implemented extra hardening that causes O365 to reject any external connections that try to fetch information from the O365 tenant. In practice, this is a Client Access Rule that restricts connections.
Fix:
https://docs.microsoft.com/en-us/powershell/module/exchange/set-clientaccessrule?view=exchange-ps
The IP addresses are those belonging to our SpamReporter central server that handles these calls.
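
One way to apply this with the Client Access Rule cmdlets, as an added example (not Vircom's own script): it adds the SpamReporter server addresses as an exception on each enabled deny rule. The addresses shown are placeholders to replace with the ones Vircom supplies; the test mailbox, protocol and authentication type passed to Test-ClientAccessRule are assumptions.

```powershell
# Added example. Assumes an existing Exchange Online PowerShell session
# (Connect-ExchangeOnline) with rights to manage Client Access Rules.

# PLACEHOLDERS (documentation ranges): replace with the SpamReporter
# central server addresses supplied by Vircom.
$SpamReporterIPs = @('192.0.2.10', '198.51.100.0/24')
$DryRun = $true   # set to $false to actually change the rules

# 1. Review the current rules in evaluation order.
Get-ClientAccessRule | Sort-Object Priority |
    Format-Table Name, Priority, Enabled, Action, AnyOfProtocols -AutoSize

# 2. Add the addresses as an exception on every enabled deny rule.
#    The parameter overwrites the stored list, so merge with what is there.
$denyRules = Get-ClientAccessRule |
    Where-Object { $_.Enabled -and $_.Action -eq 'DenyAccess' }

foreach ($rule in $denyRules) {
    # Assumption: the stored ranges round-trip through their string form.
    $existing = @($rule.ExceptAnyOfClientIPAddressesOrRanges |
        ForEach-Object { "$_" })
    $merged = @($existing + $SpamReporterIPs |
        Where-Object { $_ } | Sort-Object -Unique)

    Set-ClientAccessRule -Identity $rule.Name `
        -ExceptAnyOfClientIPAddressesOrRanges $merged `
        -WhatIf:$DryRun
}

# 3. Check which rule, if any, still matches a connection from one of the
#    addresses. Assumptions: hypothetical test mailbox, REST protocol and
#    OAuth authentication; adjust to match the rule that was blocking.
Test-ClientAccessRule -User 'user@example.com' `
    -AuthenticationType OAuthAuthentication `
    -Protocol REST `
    -RemoteAddress '192.0.2.10' `
    -RemotePort 443
```

Scoping the exception to these addresses keeps the deny rule in force for every other external source.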