Hornbill IP's to Whitelist

[Josh Bridgens]

Over the weekend, we have had 2 of our accounts used for email addresses in Hornbill, as attepting to login from suspicious locations.

 

The reports are as follows:

 

 

This IP has since been whitelisted, however would like to know if there are other reccomended IP's to whitelist to prevent this occuring again?

 

Josh

 

 

[TrevorKillick]

@Josh Bridgens

The two origin IP's for Hornbill Services are: 87.117.243.10 and 212.71.225.67

Thanks

Trevor Killick

[Keith Stevenson]

Josh

As Trevor points out. They are our IP addresses. This seems to be a new "feature" Microsoft are rolling out for security.  Sadly it seems to have unexpected consequences. In lieu of any actual evidence of wrong doing, we understand this to be a false flag by Microsoft in response to a IP (Our gateway) being shared by all customer instances behind this. From a MS perspective this would appear that multiple logins to different MS customer tenants originate from the same IP.  

We have escalated this to MS for clarification and removal from this list, however they have informed us that our IP (87.117.243.10) is not and has never been on any black or spray list and therefore a false flag. 

We would therefore advise any customer seeing the issue to within MS Admin centre Tag the IP address as valid and escalate via their own methods to MS support on hope of finding out more whilst whitelisting our IPs listed in https://wiki.hornbill.com/index.php?title=Hornbill_Cloud_and_Platform

Kind Regards

Keith Stevenson

[Josh Bridgens]

Thanks @TrevorKillick and @Keith Stevenson This was resolved pretty quickly on our end and our security team have escalated to MS Support.

Josh

[Keith Stevenson]

@Josh Bridgens
Thanks for the reply. Would be interested in any response from MS, given when we asked they confirmed they had checked and that IP was never on any list

Kind Regards

Keith Stevenson