Hi @NP,
From the perspective of Exchange side, if client access rules hasn't been disabled in your tenant, you can create a client access rule to restrict user's Outlook access based on IP addresses:
New-ClientAccessRule -Name "RestrictOutlookAccess" -Action DenyAccess -AnyOfProtocols OutlookAnywhere -ExceptAnyOfClientIPAddressesOrRanges <AllowedIPRanges>
It's likely that it can also be realized using Conditional Access policies, so I'll add the tag as well so community members over there can also have a look at it.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.