Our security requires us to do a lot of crazy stuff. But one genuine ask is to disable some protocols for users to connect to the mailbox.
One important requirement most of the organizations want is to disable IMAP and POP protocol access to Mailbox. In Office 365 POP and IMAP are enabled by default for all users.
Currently, we can do it multiple ways
- Use Portal and disable for each user once created.
- Use Powershell connected to ExO and disable for individual user
- Use Get- and Set- Commands in a single command to disable it for multiple users.
Ok, that is fine. But If we create new users?
Well, in that case, we need to redo the above steps again. Problem with this is
- All admins need to be made aware of this procedure
- New admins must be specifically told to perform the disable operation post creating a new mailbox.
- Error prone as it can be missed(Human error)
Wouldn’t it be nice if we could just create a new mailbox and things are set the way they we want?
To do this we need to follow the below
Get-CASMailboxPlan | fl Name
Name : ExchangeOnline-449cbb2645664646
Name : ExchangeOnlineDeskless-3a08d145664564
Name : ExchangeOnlineEnterprise-a0ce8d44545
Name : ExchangeOnlineEssentials-912457c782-7
Now we need to change the mailbox Plan so that IMAP and POP protocol is disabled by default. I am doing this for Enterprise plan.
Set-CASMailboxPlan ExchangeOnlineEnterprise-a0ce8d44545 -ImapEnabled $false -PopEnabled $false
Now when we create a new mailbox, by default the POP and IMAP protocol for the user will be disabled.