
IP allow lists SHOULD NOT be created.

Why This Matters

Configuring IP allow lists in Microsoft 365 can bypass critical security controls: messages from any IP address in the list skip spam and phishing filters. This gives attackers a direct path to deliver malicious content to user inboxes. Administrators should avoid creating allow lists and instead use more secure, policy-based alternatives.

What Aether365 Checks

Aether365 verifies that no IP allow lists are configured in your Microsoft 365 environment. This check appears in the Aether365 dashboard under microsoft-365 checks and validates compliance with the CIS framework for Exchange Online.
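To run the same kind of check by hand, the following added example (not Aether365's own code) lists every Exchange Online connection filter policy and reports whether its IP allow list is empty. It assumes the allow list in question is the `IPAllowList` property of the connection filter policy, that the ExchangeOnlineManagement module is installed, and that a session is already open with `Connect-ExchangeOnline`; the function name `Get-IPAllowListFinding` is hypothetical.

```powershell
# Added example. Requires the ExchangeOnlineManagement module and an existing
# session (Connect-ExchangeOnline) with rights to read anti-spam policies.

function Get-IPAllowListFinding {
    # Hypothetical helper: returns one result object per connection filter policy.
    # -Policies accepts policy objects directly, e.g. from a saved export.
    param(
        [Parameter()]
        [object[]]$Policies = (Get-HostedConnectionFilterPolicy)
    )

    foreach ($policy in $Policies) {
        # IPAllowList is multi-valued; drop null/empty items before counting.
        $entries = @($policy.IPAllowList | Where-Object { $_ })

        [pscustomobject]@{
            Policy     = $policy.Name
            Compliant  = ($entries.Count -eq 0)   # compliant only when the list is empty
            EntryCount = $entries.Count
            Entries    = $entries -join ', '
        }
    }
}

$findings = @(Get-IPAllowListFinding)
$findings | Format-Table -AutoSize -Wrap

$failed = @($findings | Where-Object { -not $_.Compliant })
if ($failed.Count -gt 0) {
    Write-Warning "$($failed.Count) connection filter policy(ies) have IP allow list entries."
    # Remediation, after reviewing why each entry was added:
    #   Set-HostedConnectionFilterPolicy -Identity <policy name> -IPAllowList @{}
}
else {
    Write-Output 'No IP allow list entries found.'
}
```

Record the listed entries before clearing them, so that any sender that depended on the allow list can be moved to a policy-based alternative.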
