ExchangeOffice 365

Export/Import Exchange Online Trusted and Blocked Lists

I am currently working on an Office 365 Tenant to Tenant migration and need to copy the EOP blocked and trusted senders, IP’s and domains. This particular Tenant has hundreds of entries for trusted and blocked IP’s plus safe and blocked senders SMTP addresses and finally a slew of blocked and trusted domains that had built up over time. I used PowerShell to export each list to a CSV then re-import the entries onto the destination Tenant.

The lists that are copied are shown in the images below:

Allowed/Blocked IP’s

Blocked Senders and Domains

Allowed Senders and Domains

The script to export and import these lists is as follows:

############################
##Connect to source Tenant##
############################
#Export Allow IP List
$IpAllowStrList = Get-HostedConnectionFilterPolicy | select -ExpandProperty ipallowlist
$StringToObject = $IpAllowStrList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\IPAllowList.csv -NoType
#Export Block IP List
$IpBlockStrList = Get-HostedConnectionFilterPolicy | select -ExpandProperty ipblocklist
$StringToObject = $IpBlockStrList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\IPBlockList.csv -NoType
#Export Allowed Sender Address List
$AllowedSenderAddressList = Get-HostedContentFilterPolicy | select -ExpandProperty AllowedSenders
$StringToObject = $AllowedSenderAddressList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\AllowedSenderAddressList.csv -NoType
#Export Blocked Sender Address List
$BlockedSenderAddressList = Get-HostedContentFilterPolicy | select -ExpandProperty BlockedSenders
$StringToObject = $BlockedSenderAddressList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\BlockedSenderAddressList.csv -NoType
#Export Allowed Sender Domain List
$AllowedSenderDomainList = Get-HostedContentFilterPolicy | select -ExpandProperty AllowedSenderDomains
$StringToObject = $AllowedSenderDomainList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\AllowedSenderDomainList.csv -NoType
#Export Blocked Sender Domain List
$BlockedSenderDomainList = Get-HostedContentFilterPolicy | select -ExpandProperty BlockedSenderDomains
$StringToObject = $BlockedSenderDomainList | Select-Object @{Name='Name';Expression={$_}}
$StringToObject | Export-Csv .\BlockedSenderDomainList.csv -NoType
###################################
## Connect to destination Tenant ##
###################################
#Import Allow IP List
$IPAllowList = Import-Csv .\IPAllowList.csv
ForEach ($AllowedIP in $IPAllowList){
Set-HostedConnectionFilterPolicy "Default" -IPAllowList @{Add=$AllowedIP.name}
}
#Import Block IP List
$IPBlockList = Import-Csv .\IPBlockList.csv
ForEach ($BlockedIP in $IPBlockList){
Set-HostedConnectionFilterPolicy "Default" -IPBlockList @{Add=$BlockedIP.name}
}
#Import Allowed Sender Address List
$AllowedSenderAddressList = Import-Csv .\AllowedSenderAddressList.csv
ForEach ($AllowedSender in $AllowedSenderAddressList){
Set-HostedContentFilterPolicy "Default" -AllowedSenders @{Add=$AllowedSender.name}
}
#Import Blocked Sender Address List
$BlockedSenderAddressList = Import-Csv .\BlockedSenderAddressList.csv
ForEach ($BlockedSender in $BlockedSenderAddressList){
Set-HostedContentFilterPolicy "Default" -BlockedSenders @{Add=$BlockedSender.name}
}
#Import Allowed Sender Domain List
$AllowedSenderDomainList = Import-Csv .\AllowedSenderDomainList.csv
ForEach ($AllowedSenderDomain in $AllowedSenderDomainList){
Set-HostedContentFilterPolicy "Default" -AllowedsenderDomains @{Add=$AllowedSenderDomain.name}
}
#Import Blocked Sender Domain List
$BlockedSenderDomainList = Import-Csv .\BlockedSenderDomainList.csv
ForEach ($BlockedSenderDomain in $BlockedSenderDomainList){
Set-HostedContentFilterPolicy "Default" -BlockedSenderDomains @{Add=$BlockedSenderDomain.name}
}

 

This may also be useful to run on a schedule to export the lists to a file share as a backup if the entries are accidentally removed or overwritten.

 

 

 

365 Guy

Microsoft Infrastructure Consultant @ Novosco. Specialising in Office 365, Azure AD & Exchange Server.

2 Comments

  1. Thank you! I literally spend the last 3 hours trying to figure this out. I just wanted to export the lists so that I could upload them to our Barracuda Cloud Email Security platform.

Leave a Reply

Your email address will not be published. Required fields are marked *

Close