Merge pull request #12140 from MicrosoftDocs/TABL-chrisda

chrisda · web-flow · commit 7bcdf27c393e · 2024-09-27T14:29:38.000-07:00
TABL-chrisda to Main
diff --git a/exchange/exchange-ps/exchange/Get-TenantAllowBlockListItems.md b/exchange/exchange-ps/exchange/Get-TenantAllowBlockListItems.md
@@ -76,6 +76,7 @@ The ListType parameter specifies the list to view. Valid values are:
 - FileHash
 - Sender
 - Url
+- IP
 
 ```yaml
 Type: ListType
@@ -96,6 +97,7 @@ The Entry parameter filters the results based on the ListType parameter value. V
 - FileHash: The exact SHA256 file hash value.
 - Sender: The exact domain or email address value.
 - Url: The exact URL value.
+- IP: IPv6 addresses only. Single IPv6 addresses in colon-hexadecimal or zero-compression format or CIDR IPv6 ranges from 1 to 128.
 
 This value is shown in the Value property of the entry in the output of the Get-TenantAllowBlockListItems cmdlet.
 
diff --git a/exchange/exchange-ps/exchange/New-TenantAllowBlockListItems.md b/exchange/exchange-ps/exchange/New-TenantAllowBlockListItems.md
@@ -82,16 +82,27 @@ The Entries parameter specifies the values that you want to add to the Tenant Al
 - FileHash: Use the SHA256 hash value of the file. In Windows, you can find the SHA256 hash value by running the following command in a Command Prompt: `certutil.exe -hashfile "<Path>\<Filename>" SHA256`. An example value is `768a813668695ef2483b2bde7cf5d1b2db0423a0d3e63e498f3ab6f2eb13ea3`.
 - Sender: A domain or email address value. For example, `contoso.com` or `michelle@contoso.com`.
 - URL: Use IPv4 or IPv6 addresses or hostnames. Wildcards (* and ~) are supported in hostnames. Protocols, TCP/UDP ports, or user credentials are not supported. For details, see [URL syntax for the Tenant Allow/Block List](https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-urls-configure#url-syntax-for-the-tenant-allowblock-list).
+- IP: IPv6 addresses only:
+
+  • Single IPv6 addresses in colon-hexadecimal format (for example, 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
+
+  • Single IPv6 addresses in zero-compression format (for example, 2001:db8::1 for 2001:0db8:0000:0000:0000:0000:0000:0001).
+
+  • CIDR IPv6 ranges from 1 to 128 (for example, 2001:0db8::/32).
 
 To enter multiple values, use the following syntax: `"Value1","Value2",..."ValueN"`.
 
-For senders, files, and URLs the maximum number of allow entries for each type is 500, and the maximum number of block entries for each type is 500 (1000 entries total for each type).
+Entry limits for each list subtype (sender, URL, file, or IP address):
+
+- **Exchange Online Protection**: The maximum number of allow entries is 500, and the maximum number of block entries is 500.
+- **Defender for Office 365 Plan 1**: The maximum number of allow entries is 1000, and the maximum number of block entries is 1000.
+- **Defender for Office 365 Plan 2**: The maximum number of allow entries is 5000, and the maximum number of block entries is 10000.
 
 The maximum number of characters in a file entry is 64 and the maximum number of characters in a URL entry is 250.
 
-You can't mix value types (file, sender, or URL) or allow and block actions in the same command.
+You can't mix value types (sender, URL, file, or IP address) or allow and block actions in the same command.
 
-In most cases, you can't modify the URL, file, or sender values after you create the entry. The only exception is allow URL entries for phishing simulations (ListType = URL, ListSubType = AdvancedDelivery).
+In most cases, you can't modify the sender, URL, file, or IP address values after you create the entry. The only exception is URL allow entries for phishing simulations (ListType = URL, ListSubType = AdvancedDelivery).
 
 ```yaml
 Type: String[]
@@ -135,6 +146,7 @@ The ListType parameter specifies the type of entry to add. Valid values are:
 - FileHash
 - Sender
 - Url
+- IP
 
 ```yaml
 Type: ListType
@@ -156,6 +168,7 @@ This switch is available to use in the following scenarios:
 
 - With the Block switch.
 - With the Allow switch where the ListType parameter value is URL and the ListSubType parameter value is AdvancedDelivery.
+- With the Allow switch where the ListType parameter value is IP.
 
 You can't use this switch with the ExpirationDate or RemoveAfter parameter.
 
diff --git a/exchange/exchange-ps/exchange/Remove-TenantAllowBlockListItems.md b/exchange/exchange-ps/exchange/Remove-TenantAllowBlockListItems.md
@@ -63,10 +63,11 @@ The Entries parameter specifies the entries that you want to remove based on the
 - FileHash: The exact SHA256 file hash value.
 - Sender domains and email addresses: The exact domain or email address value.
 - Url: The exact URL value.
+- IP: IPv6 addresses only. Single IPv6 addresses in colon-hexadecimal or zero-compression format or CIDR IPv6 ranges from 1 to 128.
 
 This value is shown in the Value property of the entry in the output of the Get-TenantAllowBlockListItems cmdlet.
 
-You can't mix value types (file, sender, or URL) or allow and block actions in the same command.
+You can't mix value types (sender, URL, file, or IP address) or allow and block actions in the same command.
 
 You can't use this parameter with the Ids parameter.
 
@@ -109,6 +110,7 @@ The ListType parameter specifies the type of entry that you want to remove. Vali
 - FileHash
 - Sender
 - Url
+- IP
 
 ```yaml
 Type: ListType
diff --git a/exchange/exchange-ps/exchange/Set-TenantAllowBlockListItems.md b/exchange/exchange-ps/exchange/Set-TenantAllowBlockListItems.md
@@ -49,7 +49,7 @@ Set-TenantAllowBlockListItems -Entries <String[]> -ListType <ListType>
 ```
 
 ## DESCRIPTION
-In most cases, you can't modify the URL, file, or sender values of an existing entry. The only exception is allow URL entries for phishing simulations (Action = Allow, ListType = URL, and ListSubType = AdvancedDelivery). For more information about allowing URLs for phishing simulations, see [Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes](https://learn.microsoft.com/defender-office-365/advanced-delivery-policy-configure).
+In most cases, you can't modify the sender, URL, file, or IP address values after you create the entry. The only exception is URL allow entries for phishing simulations (ListType = URL, ListSubType = AdvancedDelivery). For more information about allowing URLs for phishing simulations, see [Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes](https://learn.microsoft.com/defender-office-365/advanced-delivery-policy-configure).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://learn.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -77,10 +77,11 @@ The Entries parameter specifies the entries that you want to modify based on the
 - FileHash: The exact SHA256 file hash value.
 - Sender domains and email addresses: The exact domain or email address value.
 - Url: The exact URL value.
+- IP: IPv6 addresses only. Single IPv6 addresses in colon-hexadecimal or zero-compression format or CIDR IPv6 ranges from 1 to 128.
 
 This value is shown in the Value property of the entry in the output of the Get-TenantAllowBlockListItems cmdlet.
 
-You can't mix value types (file, sender, or URL) or allow and block actions in the same command.
+You can't mix value types (sender, URL, file, or IP address) or allow and block actions in the same command.
 
 You can't use this parameter with the Ids parameter.
 
@@ -122,6 +123,7 @@ The ListType parameter specifies the type of entry that you want to modify. Vali
 - FileHash
 - Sender
 - Url
+- IP
 
 Use the Entries or Ids parameter with this parameter to identify the entry itself.
 
@@ -141,7 +143,11 @@ Accept wildcard characters: False
 ### -NoExpiration
 The NoExpiration switch specifies that the entry should never expire. You don't need to specify a value with this switch.
 
-This switch is available to use with block entries or with url allow entries where the ListSubType parameter value is AdvancedDelivery.
+This switch is available to use with the following types of entries:
+
+- Block entries.
+- URL allow entries where the ListSubType parameter value is AdvancedDelivery.
+- IP address allow entries.
 
 You can't use this switch with the ExpirationDate parameter.
 
