Increase the number of allowed blocked IP ranges in Azure AD
Whenever my company receives a phishing email or an account is compromised, we ban every IP that the hosting company they used owns. Over time this has cut down on the number of compromised accounts as the malicious links couldn't be loaded when clicked on.
We recently hit a hard cap on the number of allowed blocked IP ranges. We would like for the cap to be removed or increased as there are still plenty of sketchy hosting companies that we have not blocked the IP ranges of yet.
This is a major security concern for us and could potentially lead to more compromised accounts if this is not changed.
Blocking IP addresses at that scale is a very bad practice. If you are banning full IP addresses of hosting companies you probably have a lot of false possitives which you don't know about (e.i. a lot of good email filtered out). It would be better for you to report these IP addresses to local abuse email addresses first, and then, if no action taken on their behalf, to RBL spam lists and local CERTs so that they are included in global anti spam lists. This way whole email ecosystem would benefit.