I have two-way alarm notification / acknowledge setup in Ignition, Emails get sent but the acknowledge link is a local IP address. The IT group says they use Office 365 and have some legal requirements around the use of 2 factor authentication and email relay. Any advice?
Email server operators have legal obligations under the CAN-SPAM act when sending automated emails to third parties. Not sure what else they might be referring to. (IANAL, but I do operate my own mail servers.)
CAN-SPAM rules do not apply to emails sent to employer-provided email addresses with employer approval. You should be submitting emails using a From address and credentials that can only send to other addresses within your organization.
If Office365 cannot set up something like that, you should fire them. Or fire your IT department.