Hello,
Thank you for posting in Q&A forum.
To stop the server from accessing external Microsoft addresses, we recommend trying the following steps:
Configure firewall rules on the server, only allow communication with other servers in your closed network, and block access to the Internet.
Modify the hosts file of the server, specify the IP address of the Microsoft website, and map them to internal addresses instead of external addresses.
Send all DNS requests to your domain controller (DC) for internal resolution. Confirm the DNS configuration is correct by checking the network settings of the server.
Use network monitoring tools or logs to track all applications and services running on the server, especially Microsoft services, and check for any behavior attempting to connect to external Microsoft addresses. You can also enable log auditing on the server, especially for DNS queries and network connection auditing. This can record all DNS queries and network connection attempts that occur on the server, helping you determine which services or applications are attempting to access external addresses.
Hope this answer can help you well.
Best regards,
Jill Zhou