Skip to content
English
More support Sign in
Contact us
  • There are no suggestions because the search field is empty.

Additional Configuration - Mimecast

Key Mimecast policies to configure when setting up your Secure Schools phishing simulations

This guide is for informational purposes only and is based on publicly available procedures for configuring Mimecast policies to accommodate security testing platforms and was authored with the assistance of AI. (Sources)

If you encounter any issues with these steps, please get in touch with your usual support representative at Mimecast directly. 

Key Mimecast Policies to Configure

You must create a new policy for each of the security checks below, ensuring the rule is applied explicitly to the Source IP Ranges listed in our article here: Domains and IP Addresses1provided by your phishing platform vendor.

1. Permitted Senders Policy (Core Deliverability)

  • Purpose: Ensures emails from the phishing platform's sending IP addresses bypass basic Reputation, Greylisting, and Spam Scanning checks, preventing the emails from being rejected or held.

  • Action: Create a new Permitted Senders policy.

  • Key Setting: Set the rule to apply to the Source IP Ranges listed in our article here: Domains and IP Addresses.

2. URL Protection Bypass Policy (Link Integrity)

  • Purpose: Prevents Mimecast from rewriting, sanitising, or blocking the simulated phishing links, ensuring accurate click-tracking and user experience.

  • Action: Create a new URL Protection Bypass policy.

  • Key Setting: Apply the rule to the Source IP Ranges listed in our article here: Domains and IP Addresses. You may also need to add the Phishing Landing Page Domains to a Managed URLs list (set as Permitted), depending on your specific Mimecast configuration.

3. Anti-Spoofing Policy Bypass (Spoofed Sender Protection)

  • Purpose: Allows the simulated phishing emails to appear to come from internal email addresses or trusted brands (spoofing), which Mimecast's Anti-Spoofing service would normally block.

  • Action: Create a new Anti-Spoofing policy.

  • Key Setting: Set the action to Take no action (or similar bypass option) and apply the rule to the Source IP Ranges listed in our article here: Domains and IP Addresses.

4. Impersonation Protection Bypass Policy (BEC/Whaling Protection)

  • Purpose: Prevents Mimecast's advanced anti-impersonation features (which check for things like executive or high-value user names being spoofed) from blocking the simulated email.

  • Action: Create a new Impersonation Protection Bypass policy.

  • Key Setting: Apply the rule to the Source IP Ranges listed in our article here: Domains and IP Addresses. You will need to select the specific Impersonation Protection Definition you wish to bypass.

5. Attachment Protection/Management Bypass Policies

  • Purpose: If your simulations include attachments (e.g., a malicious PDF or DOCX), these policies ensure the attachments are not sandboxed, stripped, or converted by Mimecast's Targeted Threat Protection.

  • Action: Create new policies for Attachment Protection Bypass and Attachment Management Bypass.

  • Key Setting: Apply the rule to the Source IP Ranges listed in our article here: Domains and IP Addresses.

General Steps in Mimecast Admin Console

  1. Log in to your Mimecast Administration Console.

  2. Navigate to Administration toolbar button.

  3. Select the Gateway | Policies menu item.

  4. Select the relevant policy type (Permitted Senders, URL Protection Bypass, etc.).

  5. Click the New Policy button.

  6. Configure the policy settings:

    • Give it a clear Policy Narrative (e.g., "Phishing Platform Permitted Senders").

    • Set Emails From and Emails To to apply to your organisation's internal users.

    • In the Source IP Ranges field, enter the exact IP addresses listed in our article here: Domains and IP Addresses.

    • Ensure Policy Override is checked for priority.

  7. Save the policy.

  8. Repeat for all necessary policy types.

 

Always get the most current and complete list of exact IP addresses listed in our article here: Domains and IP Addresses. Note that these lists can change over time. Using an outdated list will result in failed delivery.