Scenario
You are currently using Signature 365 with cloud mailboxes within Microsoft 365, but when attempting to use Signature 365 with an on-premise mailbox you receive an error message similar to the following:
Checking the add-in logs on your device, you see the following error reported by the add-in:
[Log] [S365] [messageCompose] https://id.signature365.com/connect/token failed
Reason
Signature 365 must confirm the authenticity of the user contacting the service. For on-premise mailboxes, this can only be done by contacting your on-premise Exchange server.
If your firewall blocks access to your Exchange server, Signature 365 can receive either a 401 unauthorised response or a timeout due to the firewall not allowing access which results in the returned errors listed above.
Solution
You must allow access to your on-premise Exchange servers through any external firewalls to allow Signature 365 to authorise your on-premise users.
Our Identity servers are a global resource, and utilise the region closest to the user connected. If your users are geographically closer to another region, this may use the Identity server of the closer region.
The external IP addresses are listed in the following document. These will need to be granted access to your on-premise Exchange server to be able to successfully authenticate your on-premise users.
Signature 365 SMTP host list and IP whitelist : Signature 365 Help Center