Is there a way to restrict access to azure email service to specific IP addresses?

Question

HI,

I been testing Azure Communications service with a connected custom email domain to replace an smtp relay server.

Using smtp inbound from our apps to smtp.azurecomm.net on port 587(using username in format 'communication service name.app id. tenant id' with a password) works just fine, but i would like to restrict this to IP addresses also.

Is that possible?

Ive tried setting up the entra app(as used in comm service and username above) with conditional access policy - block action on all IP addresses except for specific IPs, but in testing it doesn't seem to be applying any restrictions how i want and all sources are permitted.

I cant see any help specific articles that describe this kind of restriction.

Im guessing that maybe that entra app conditional access doesn't affect the log in to the smtp.azurecomm.net portal for the authenticating smtp app.

Answer 1

@robert wilson Thanks for your patience on this.

I have checked with ACS Engineering team and sharing the below.

Currently this feature is not supported in Email Service in ACS, also they confirmed this feature is in their product roadmap which might be available in FY25.

Note: The above shared ETA is not fixed might be changed based on various factors.

Also, I would suggest you follow the latest updates in ACS service here.

Hope this helps, let me know if you have any further questions on this.

Please accept as "Yes" if the answer is helpful so that it can help others in the community.