Email Whitelisting – Mimecast

The following applies to organizations that use Mimecast and have trouble with email delivery due to Mimecast security protection policies. This may impact both Attack Simulation emails and training email interactions.

Note: Mimecast provides several different security features / policies that may be implemented at your organization. It is important to understand which policies are in place, in order to successfully whitelist OutThink’s email services. It is however recommended to take the trial approach of applying whitelisting rules to a single policy at a time, and testing email deliverability using an OutThink test campaign sent to a sample subset of users.

For all policies below, use the following Source IP Addresses:

69.169.231.204
69.169.231.205
147.253.222.115
199.15.227.83

Permitted Senders Policy

A Permitted Senders policy can ensure the successful delivery of inbound messages from OutThink, which will bypass Mimecast’s reputation, greylisting and spam scanning policies. This will avoid the possibility of emails being rejected or placed in the hold queue.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000390156947-Policies-Configuring-Permitted-Senders-Policy

  1. Log on to your Mimecast Administration Console.
  2. Select the Administration toolbar menu item.
  3. Select the Gateway | Policies menu item.
  4. Select Permitted Senders.
  5. Select the New Policy button.
  6. Configure the policy settings as follows:
    • Options
      • Policy Narrative: OutThink Permitted Senders Policy
      • Select Notifications Set: Permit Sender
    • Emails From
      • Address Based On: Both
      • Applies From: Everyone
      • Specifically: Applies to all Senders
    • Emails To
      • Applies To: Internal Addresses
      • Specifically: Applies to all Internal Recipients
    • Validity
      • Enable/Disable: Enable
      • Set policy as perpetual: Always On
      • Date Range: All Time
      • Policy Override: Checked
      • Bi-Directional: Unchecked
      • Source IP Ranges (n.n.n.n/32): Set to the IP Addresses given above. Note that these must be entered in CIDR notation.


Anti-Spoofing Bypass Policy

Spoofing is the forgery of email headers so messages appear to come from someone other than the actual source. If you have an existing Mimecast anti-spoofing policy in place, a bypass policy may also need to be created. This may be required, for example, where training emails are delivered on your organization’s behalf, using a sub-domain registered with our mail provider.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000743640851-Policies-Configuring-Anti-Spoofing

  1. Log on to your Mimecast Administration Console.
  2. Select the Administration toolbar menu item.
  3. Select the Gateway | Policies menu item.
  4. Select Anti-Spoofing.
  5. Select the New Policy button.
  6. Set the following configuration:
    • Options
      • Policy Narrative: OutThink Anti-Spoofing Policy
      • Select Option: Take no action
    • Emails From
      • Addresses Based On: Both
      • Applies From: Everyone
      • Specifically: Applies to all Senders
    • Emails To
      • Applies To: Everyone
      • Specifically: Applies to all Internal Recipients
    • Validity
      • Enable/Disable: Enable
      • Set policy as perpetual: Always On
      • Date Range: All Time
      • Policy Override: Checked
      • Bi-Directional: Unchecked
      • Source IP Ranges (n.n.n.n/32): Set the Source IP Ranges to the IP Addresses given above. Note that these must be entered in CIDR notation.

URL Protection Bypass Policy

Mimecast will analyse the hyperlinks sent within emails, sometimes resulting in false positive phishing clicks in Attack Simulation campaign results. If your campaign results present phishing link clicks where users have not actually clicked themselves, you may need to add a bypass policy for OutThink’s mail server IP addresses.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000430822035-Targeted-Threat-Protection-URL-Protect-Bypass-Policies


Impersonation Protection Bypass Policy

Attack Simulations that purport to come from internal users in your organization may be blocked by Mimecast’s Impersonation Protection Policy. If you detect that certain attack simulation templates are not being received by your users, a bypass policy may need to be added via your Mimecast Administration Console.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000738180371-Attachment-Protection-Bypass-Policy-Configuration


Attachment Protection Bypass Policy

An Attachment Protection Bypass policy allows you to exclude OutThink’s emails from an Attachment Protection policy. This may only be required if you are sending advanced Attack Simulation campaigns containing attachments, and you are detecting deliverability issues.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000738180371-Attachment-Protection-Bypass-Policy-Configuration


Greylisting Policy

If you are still experiencing deliverability issues and emails are being blocked as greylisted, you may need to add a Greylisting Policy.

Reference: https://mimecastsupport.zendesk.com/hc/en-us/articles/34000377381907-Policies-Configuring-Greylisting-Policies


Banner photo by freestocks

Was this helpful?

4 / 0