This guide will cover the crucial areas of Mimecast which require whitelisting to ensure our phishing and training emails are delivered directly to your users.
Key Areas to Whitelist
For Mimecast to be compatible with the SATT service, you must whitelist the following areas by standard:
- Permitted Senders
- Greylisting
You only need to whitelist these areas below if you have them installed as part of your Mimecast package:
- Impersonation Protection Bypass
- URL Protection Bypass
We recommend that you whitelist all of the areas stated above which are available in your Mimecast.
Contents
Impersonation Protection Bypass
Permitted Senders
To successfully whitelist our phishing and training e-mails when using Mimecast, you should create a new Permitted Sender policy to allow our simulated test and training emails through.
1. Login to the Mimecast Administration Console. Go to Gateway > Policies:
2. Go to Permitted Senders:
3. Once in, you should see something similar to the below image:
4. Create a New Policy.
- Call the policy SATT Permitted Sender Policy
- Set the Permitted Sender Policy to 'Permit sender'
- Set Addressed Based On to 'The Return Address (Email Envelope From)'
- Set Applies From to 'Everyone'
- Set specifically to 'Applies to all Senders'
- Set Applies To to 'Everyone'
- Set Specifically to 'Applies to all Recipients'
- Set Enable/Disable to 'Enable'
- Set policy as perpetual to 'Always On'
- Set the Date Range to 'All Time'
- Ensure policy override is ticked. This is important as this will ensure the policy overrides any conflicting rules
- Ensure Bi Directional is not ticked
- Copy the source IP ranges below and paste them in the Source IP ranges box.
-
178.17.44.157
178.17.44.156
178.17.44.157
178.17.44.158
178.17.44.178
178.17.44.181
45.157.43.226
193.115.202.252
193.115.202.254
-
If your new Policy looks correct, make sure you click Save and Exit.
This completes the Permitted Sender whitelisting policy configuration. Please follow the rest of the guide in case you have other policies which can also block our e-mails.
Greylisting
By default, adding us to the permitted senders list should bypass Greylisting. However, as best practice, we recommend whitelisting within the Greylisting policy to make sure we do not experience any Delivery issues.
1. Login to the Mimecast Administration Console. Go to Gateway > Policies:
2. Go to Greylisting.
3. Create a New Policy.
Call the policy Disable Greylisting for SATT
Set Select Option to 'Take no action'
Set Addresses Based On to 'The Return Address'
Set Applies From to 'Everyone'
Set Specifically to 'Applies to all Senders'
Set Applies To to 'Internal Addresses'
Set Specifically to 'Applies to all Internal Recipients'
Set Enable/Disable to 'Enable'
Set policy as perpetual to 'Always On'
Set the Date Range to 'All Time'
Ensure policy override is ticked. This is important as this will ensure the policy overrides any conflicting rules
Ensure Bi Directional is not ticked
-
Copy the source IP ranges below and paste them in the Source IP ranges box.
-
178.17.44.157
178.17.44.156
178.17.44.157
178.17.44.158
178.17.44.178
178.17.44.181
45.157.43.226
193.115.202.252
193.115.202.254
-
If your new Policy looks correct, make sure you click Save and Exit.
This completes the Greylisting whitelisting policy configuration. Please follow the rest of the guide in case you have other policies which can also block our e-mails.
Mimecast TTP (Targeted Threat Protection)
If you are subscribed to Targeted Threat Protection, you need to follow these steps for whitelisting:
Impersonation Protection Bypass
Some of our more targeted test emails will utilise spoofing. This is where the email will appear as someone within your organisation. There are two areas in Mimecast which block these emails. These are Impersonation Protection Bypass and Anti-Spoofing.
Please follow the steps below to whitelist the Impersonation Protection Bypass:
1. Login to the Mimecast Administration Console. Go to Gateway > Policies:
2. Go to Impersonation Protection Bypass.
3. Create a New Policy.
Call the rule Disable Impersonation Protection for SATT
For Select Option, click Lookup and select your 'Default Impersonation Protection Definition'
Set Addressed Based On to 'Both'
Set Applies From to 'External Addresses'
Set Specifically to ' Applies to all External Senders'
Set Applies To to 'Internal Addresses'
Set Specifically to 'Applies to all Internal Recipients'
Set Enable/Disable to 'Enable'
Set policy as perpetual to 'Always On'
Set the Date Range to 'All Time'
Ensure policy override is ticked.
Ensure Bi Directional is not ticked
-
Copy the source IP ranges below and paste them in the Source IP ranges box.
-
178.17.44.157
178.17.44.156
178.17.44.157
178.17.44.158
178.17.44.178
178.17.44.181
45.157.43.226
193.115.202.252
193.115.202.254
-
The completed rule should look like this:
URL Protection Bypass
URL Protect can block our phishing and training landing pages. The URL Protection Bypass policy allows you to exclude specific senders or recipients from a URL Protection Policy.
Please follow these steps to bypass URL Protection:
1. Login to the Mimecast Administration Console. Go to Gateway > Policies:
2. Go to URL Protection Bypass.
3. Create a New Policy.
Call the rule Disable URL Protection for SATT
Select the option 'Disable URL Protection'
Set Addressed Based On to 'Both'
Set Applies From to 'Everyone'
Set Specifically to 'Applies to all Senders'
Set Applies To to 'Internal Addresses'
Set Specifically to 'Applies to all Internal Recipients'
Set Enable/Disable to 'Enable'
Set policy as perpetual to 'Always On'
Set the Date Range to 'All Time'
Ensure policy override is ticked.
Ensure Bi Directional is not ticked
-
Copy the source IP ranges below and paste them in the Source IP ranges box.
-
178.17.44.157
178.17.44.156
178.17.44.157
178.17.44.158
178.17.44.178
178.17.44.181
45.157.43.226
193.115.202.252
193.115.202.254
-
Useful Links
If you have issues following this guide or require further support, we advise you raise these queries with your Vendor support. Below is a list of Mimecast support links and useful contact information:
☍ Configuring Permitted Senders Policies
☍ Configuring Attachment Protection Definitions and Policies
☍ Configuring Attachment Management Definitions and Policies
☍ Configuring Suspected Malware Bypass Policies
☍ Configuring Impersonation Protection Definitions and Policies
☍ Configuring Anti-Spoofing Policies
☍ Configuring URL Protection Bypass Policies
☏ 9am - 5pm- 02078478701
☏ Out of Hours - 08450568689
Comments
0 comments
Article is closed for comments.