Here are some ways that could block OWA access from external of your organization:
- Create rule on your firewall to block the OWA access.
- Installing Web-IP-Security to do limitation on OWA(Only allow access from specific IP address segment):
- Install Exchange 2019 and use the new function of Exchange 2019: Client Access Rules in Exchange 2019
You can choose one of them to use in your organization.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.