Hi @Chris
I got below information according to my search, getting 1008 (This XML is not deemed safe to consume since Response xml's signing cert is invalid or not from microsoft). That is because your firewall, proxy or webfilter is blocking the requests of your Exchange Emergency Mitigation Service. You need to allow all the IPs and/or URLs (depending on your firewall and/or webfilter) of Microsoft, Google and Akamai that it takes to check the XMLs certificate, certificate revocation list, schema and so on.
You can simulate the behaviour of the EEMS by getting the test page with a browser (https://officeclient.microsoft.com/getexchangemitigations). For those of you not being familiar - look at the schema links in the XML document as well as the certificate of the URL and check all the certificate chaining, revocation lists URLs and so on.
For the IPs compare the blocked IPs with the following networks and allow them:
https://www.microsoft.com/en-us/download/details.aspx?id=53602
https://www.gstatic.com/ipranges/goog.json
https://github.com/SecOps-Institute/Akamai-ASN-and-IPs-List/blob/master/akamai_ip_cidr_blocks.lst
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.