Getting 403 Access Forbidden error with SpamReporter (SRC365)

Created by Yves Lacombe, Modified on Mon, 25 Oct 2021 at 03:29 PM by Yves Lacombe


When trying to take an action with messages in the a person's inbox using the spamreporter tool, either to report a spam or to block a message, generates a 403 error "Access Forbidden".


The O365 tenant is locked-down to prevent any API access from external services.   


When you click on any action in SRC365, a call is made to a central server here @ Vircom that has Vircom do an API call to Office365 to fetch information about the email you want to block/allow/report.  Namely header information (from/to/subject).  In some cases, clients have implemented extra hardening that causes O365 to reject any external connections to fetch information from the O365 tenant.  Basically a client Access Rule that restricts connections.


Add these two IPs to your client access rules exceptions: and

ClientAccessRule ExceptAnyOfClientIPAddressesOrRanges

The IP Addresses are those belonging to our SpamReporter central server that handle these calls.