exchange, office 365, content delivery network

I got this message in my email. (attached)

we have proof point gateway from where emails are filtered to office 365.

how should I check whether we are applying whitelist to filter CDN's
CDN.PNG
pramod1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Visit one of the sites.

If you can get to the site you're good.

If you're blocked, then you'll have to take some action.
Vasil Michev (MVP)Commented:
This has nothing to do with mail flow/proofpoint. It's about whitelisting those CDNs on your network perimeter devices, in case you are actually using any type of filtering for O365. Otherwise you can safely ignore the message.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pramod1Author Commented:
How can I check if I am using any filtering in office 365

I tried to open one if the site but could not
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
More than likely you won't do anything, as a CDN is just like any other Website.

The only exception is if you deploy some sort of enterprise wide Ad Blocker list.

For example, if you visit http://aadcdn.msauth.net/, if all's well, you should see a message like...

<h2>Our services aren't available right now</h2><p>We're working to restore all services as soon as possible. Please check back soon.</p>0RQX8WwAAAABP7sQMI0fPRqpNavEWllN7REFMRURHRTEwMjAARWRnZQ==

Open in new window

pramod1Author Commented:
We are having ADFS server with single sign on
pramod1Author Commented:
I can’t open the site
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Note: You must open the above link in a Web browser.

As Vasil stated, none of this has anything to do with SMTP/IMAP flow.

This has to do with HTTP flow, so a browser check is required.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
This has nothing to do with ADFS.

Click http://aadcdn.msauth.net/ in a browser + if you have some problem, provide a copy of the browser error message you receive.
pramod1Author Commented:
I am getting http 400 error
ITguy565Commented:
@pramod

Whitelist the below URL's in your Content Filter or if you use zone policies in GPO, you can add them to your zone policies in the proper Group Policy object.


aadcdn.msauth.net
aadcdn.msftauth.net
ccscdn.msauth.net
ccscdn.msftauth.net

reference :
http://www.grouppolicy.biz/2010/07/how-to-use-group-policy-to-allow-or-block-urls/
ITguy565Commented:
If you are getting a 400 error then that means that the site is unable to process the request


What happens when you open a command prompt and type :


nslookup aadcdn.msauth.net

you should get something like :

Non-authoritative answer:
Name:    standard.t-0001.t-msedge.net
Addresses:  2620:1ec:bdf::10
          13.107.246.10
Aliases:  aadcdn.msauth.net
          aadcdnoriginwus2.azureedge.net
          aadcdnoriginwus2.afd.azureedge.net
          afd.t-0001.t-msedge.net
          t-0001.t-msedge.net
          edge-prod-mia.ctrl.t-0001.t-msedge.net
pramod1Author Commented:
only the last line is different all others are same, what does this mean
ITguy565Commented:
@pramod1

Please post the results that you got into the thread.
pramod1Author Commented:
Non-authoritative answer:
 Name:    standard.t-0001.t-msedge.net
 Addresses:  2620:1ec:bdf::10
           13.107.246.10
 Aliases:  aadcdn.msauth.net
           aadcdnoriginwus2.azureedge.net
           aadcdnoriginwus2.afd.azureedge.net
           afd.t-0001.t-msedge.net
           t-0001.t-msedge.net
           edge-prod-chgr3.ctrl.t-0001.t-mesedge.net

please let me know what does this mean, do we have to make changes in our organization
pramod1Author Commented:
how should I check whether we are applying whitelist to filter CDN's
ITguy565Commented:
@pramod1 for some reason I am not getting notifications that you are posting replies. Interesting..

how should I check whether we are applying whitelist to filter CDN's

In order to answer this, I would need to know how you filter your web traffic? Do you have an edge device such as a foritinet, sonicwall, or are you using some type of gateway server? without knowing your environment these are details you will need to provide.
pramod1Author Commented:
i wanted to know what you meant by running nslook up

what inference you made, when u got the result.

do i need to whitelist these domains?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office

From novice to tech pro — start learning today.