Basic Mimecast Guide

Basic Mimecast Guide. Mimecast is a cloud based email filtering and archiving service. Email security is a vital part of many businesses, and Mimecast offers users added security against threats such as viruses and phishing, as well as reducing spam. Archiving and continuity are also options within the service; this allows businesses to ensure access to email is still available during an outage of their email server.

Once you have made the decision to use Mimecast, you will repoint your domain’s mail exchanger (MX) records to Mimecast’s server cluster, and you will be given access to a web portal, known as the Mimecast Administration Console.

Configuring your mail server IP address

Login to the Mimecast Administration Console and navigate to Gateway à Policies à Delivery Routing. Click the Definitions button on the right hand side, next to the Delivery Routing option.

To set a new delivery route, click New Route Definition. To edit the existing one, click on the entry. Set the Hostname field to the IP address of FQDN of your email server.

Permitting or blocking a sender

To add a new blocked or a permitted sender to Mimecast at the account level, do the following:

  • Login to the Mimecast Administration Console
  • Go to Directories –> Groups
  • Click Blocked Senders or Permitted Senders on the left
  • Then use the Build menu and select either Add Email Addresses or Add Email Domains.

001

This is a domain level policy which is run before the end user individual policies.

Whitelist a Sender IP address in Mimecast

Sometimes you may need to permit an IP address through Mimecast, this may be preferable to whitelisting by domain or email address under certain circumstances.

To add an IP address to an allow list, do the following:

  • Login to the Mimecast Administration Console.
  • Go to Gateway –> Policies.
  • Find ‘Permitted Senders’ in the list and click on it.

If there is an existing policy for allowed IP addresses, there will be an entry that states it applies ‘From Everyone’ and ‘To Everyone’, if you click on this and look at the Validity section at the bottom, you may see existing whitelisted IP addresses. If this is the case, then you can add any further required IP addresses to the Validity section here.

If there is not an existing policy defined as ‘From Everyone’ and ‘To Everyone’ to permit senders, then do the following:

  • Click ‘New Policy’.
  • In ‘Policy Narrative’, enter an easy to understand name, such as ‘Permitted IP Addresses’.
  • In ‘Permitted Sender Policy’, select ‘Permit Sender’.
  • Select ‘Everyone’ for Emails From and Emails To.
  • Check the ‘Policy Override’ checkbox.

002

Add the IP addresses required in the ‘Source IP Ranges’ box using the CIDR notation. For example:
To add a single IP address:
222.111.111.222/32
22.111.111.0/32
To add a range of addresses:
22.111.111.0/24

Adding new Mimecast Admin users and assigning roles

Existing admin users for Mimecast can assign the admin role to other users within the system, and add new users if required.

  • Login to the Mimecast Administration Console. Then go to ‘Directories’ –> ‘Internal’. Then click the domain required.
  • To edit an existing user, you can use the search feature and then click on the user to amend the role assigned.
  • Click on the ‘RoleEdit’ option and click the role you wish to assign. Then click the ‘Add User to Role’ button.

You can add multiple new users to the role from here.

If you wish to add a new user, you need to do this using the ‘New Address’ option from the ‘Directories’ –> ‘Internal’ –> “domain.com” screen. However, if you use an Active Directory Server, new users added to AD will automatically be added to Mimecast. Only use the ‘New Address’ feature to add non-AD users.

Then you can change the role for the new user following the other steps detailed above.

Detecting pornographic images in email

The sensitivity level of the pornographic image detection feature in Mimecast can be amended to suit your requirements.

  • Login to the Mimecast Administration Console:
  • Go to Gateway –> Policies then Definitions –> Attachment Sets

003

  • Click ‘New Attachment Set Definition’

004

In here, you can increase or decrease the ‘Hold images above n% probability’ option.

The lower the percentage selected, the higher chance there is of the image being filtered.

  • Select lower amounts to filter more content.
  • Select higher amounts to allow more content through.

Notify options are useful for informing users when a message is blocked.

If you have a group of, for example, IT users, they can be added to be notified also.

005