We recommend that you lock down to accept inbound SMTP traffic from our IP ranges on port 25 (or whatever port you are using for your inbound mail traffic). This should have no affect on users accessing OWA they would be http/https which routes through a different port.
I hope this information helps!
System Support Specialist
SaaS Email and Web Security
McAfee. Part of Intel Security.