New Office 365 IP Address Range!

2017-12-08T11:55:05+00:00 March 26th, 2014|Office 365|

We had an issue recently who had an Exchange 2010 Hybrid Configuration, were unable to send emails from mailboxes hosted in the cloud to internal On-Premise mailboxes.

The customer external firewall had been locked down so that SMTP port 25 would only accept mail from the below Office 365 IP addresses (Referenced from http://onlinehelp.microsoft.com/en-gb/office365-enterprises/hh373144.aspx)

  • 65.52.148.27
  • 65.52.184.75
  • 65.52.196.64
  • 65.52.208.73
  • 65.52.240.233
  • 65.54.54.32/27
  • 65.54.55.201
  • 65.54.74.0/23
  • 65.54.80.0/20
  • 65.54.165.0/25
  • 65.55.86.0/23
  • 65.55.233.0/27
  • 65.55.239.168
  • 70.37.97.234
  • 70.37.128.0/23
  • 70.37.142.0/23
  • 70.37.159.0/24
  • 94.245.68.0/22
  • 94.245.82.0/23
  • 94.245.84.0/24
  • 94.245.86.0/24
  • 94.245.117.53
  • 94.245.108.85
  • 111.221.16.0/21
  • 111.221.24.0/21
  • 111.221.70.0/25
  • 111.221.71.0/25
  • 111.221.111.196
  • 111.221.127.112/28
  • 132.245.0.0/16
  • 157.56.23.32/27
  • 157.56.53.128/25
  • 157.56.55.0/25
  • 157.56.58.0/25
  • 157.55.59.128/25
  • 157.55.130.0/25
  • 157.55.145.0/25
  • 157.55.155.0/25
  • 157.55.185.100
  • 157.55.194.46
  • 157.55.227.192/26
  • 157.56.151.0/25
  • 157.56.200.0/23
  • 157.56.236.0/22
  • 207.46.216.54
  • 207.46.57.128/25
  • 207.46.70.0/24
  • 207.46.73.250
  • 207.46.150.128/25
  • 207.46.198.0/25
  • 207.46.206.0/23
  • 213.199.148.0/23
  • 213.199.182.128/25

So the customer added all these IP addresses to the firewall and the mail was still not being received from Office 365, so as a test the customer opened up the firewall to allow any IP on port 25. As soon as the customer did this all emails from office 365 mailboxes started to work.

Next thing we did was check the message headers from some of the mails received from Office 365.

It turned out that Office 365 was sending mail from the following IP range 213.199.154.0/24

You could also see the IP address in message tracking from the Exchange Servers also.

So after discovering the additional Office 365 IP addresses not referenced on http://onlinehelp.microsoft.com/en-gb/office365-enterprises/hh373144.aspx , we asked the customer to lock down Port 25 again on the firewall, but this time add the additional IP address range we discovered.

After doing this, we then tested mail from Office 365 and the message was delivered successfully J