2

We need to restrict user access to certain mailboxes (Outlook/MAPI) based upon the user's location within our site. All mailboxes exist within the same on-premise Exchange server - all mailbox access is via Outlook/MAPI connections.

Certain mailboxes are designated "secure" must only be accessible from within a secure area & not outside that area. Non-secure mailboxes must not be accessible within the secure area at all.

I control/prevent the flow of emails between the secure/non-secure mailboxes using Transport Rules (ie "secure" mailboxes can only send to whitelisted mailboxes). I must stop a user outside the secure area adding a "secure" mailbox to their Outlook profile & viewing the contents (or someone inside the secure area adding a non-secure mailbox to their Outlook).

Can anyone think of a way to engineer this???

Thanks.

SK5910
  • 21
  • 1

1 Answers1

0

There are scenarios where administrators may want to limit an app to only specific mailboxes and not all Exchange Online mailboxes in the organization. Administrators can identify the set of mailboxes to permit access by putting them in a mail-enabled security group. Administrators can then limit third-party app access to only that set of mailboxes by creating an application access policy for access to that group.

Another way is through Conditional Access policies which allow you to define conditions under which users are granted access to your cloud apps. You can use Conditional Access policies with Azure AD applications that support modern authentication.

JarvisWX
  • 36
  • 3