This article is created as an alternative to the method described in this post please check out the post before proceeding.
This method requires Azure AD Premium P1 (or higher) to be assigned to all users affected by the policy. Some methods used are in preview. Using conditional access will also block SMTP and ACS for affected accounts.
Create a new conditional access policy and set up the scope, for example:
- Users and groups: All users
- Cloud apps: Office 365 Exchange Online
- Client Apps: Other clients – This is the part that specifies that this policy should affect connection attempts over IMAP and POP.
- Grant: Block Access