Required Mimecast Policies

This is a list of Mimecast policies you need to create in order to whitelist EveryCloud in Mimecast. Each policy has been briefly described with regards to EveryCloud’s phishing security test features. We recommend implementing suitable policies in the order in which they have been listed for the highest possibility of success for your phishing tests. 


 

Optional Mimecast Policies

Mimecast Can Re-write Phishing Links. How Can You Prevent This?

To prevent Mimecast from re-writing the links within your phishing tests, add every EveryCloud phish link domain as a Permitted URL in Mimecast. You can contact our support team for an updated list of EveryCloud’s phishing domain. Click here to submit a support ticket. [ADD LINK]

Note: We do not recommend creating an exception if you don’t have exceptions for other senders. If you don’t have exceptions set up for other senders, your end-users might be alarmed, and this might result in inaccurate phishing test results.

Read Mimecast's Targeted Threat Protection: Managed URLs [Check Link] article to learn more about how to disable link re-writing on permitted URLs.

Anti-Spoofing Policy

Follow these guidelines to enable EveryCloud to send emails that appear to originate from an email address at your domain to your end-users, on your behalf.

  1. Login to Mimecast’s admin center.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on Anti-Spoofing.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segment. Read Mimecast's Configuring an Anti-Spoofing Policy article to learn more (link opens in a new browser window). 

  7. Enter our IP ranges in the Source IP Ranges field (as shown below). Check this article for an updated list of EveryCloud’s IP addresses. 

 


Ensure that the new policy is saved before you exit. With this new policy, simulated phishing tests originating from our servers that appear to be sent from your company’s domain will be delivered to your end-users inboxes. Before sending a campaign to all your users, we recommend initiating a test campaign to yourself or a small set of people to confirm that the new policy works as intended. 

 

Permitted Senders Policy

To allow our phishing tests and training emails to reach your end-users, you can whitelist EveryCloud by creating a new Permitted Sender policy.

Note: Your default Permitted Sender Policy must remain unchanged. You must create a new policy instead of editing your default policy

Follow the instructions below to allow EveryCloud’s phishing tests and training emails to be successfully delivered to your end-users.

  1. Login to Mimecast’s Administration Console.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on Permitted Senders.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segments. Read Mimecast's Configuring a Permitted Senders Policy article to learn more (link opens in a new browser window).

  7. Enter the IP ranges for your EveryCloud account’s location in the Source IP Ranges field (as shown below). Check this article for an updated list of EveryCloud’s IP addresses. 


Ensure that the new policy is saved before you exit. Before sending a campaign to all your users, we recommend initiating a test campaign to yourself or a small set of people to confirm that the new policy works as intended.

 

Attachment Protection Bypass Policy

If you are interested in sending attachments along with your simulated phishing email tests, following the instructions below can increase the chances that emails with attachments from EveryCloud will be delivered successfully to your user’s inbox. Despite following the instructions provided, Mimecast may still interfere with the delivery of the attachments. After creating this policy, we recommend setting up a test campaign to confirm that your attachments are being delivered as intended.

  1. Login to Mimecast’s Administration Console.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on Attachment Protection Bypass.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segments. Read Mimecast's Configuring Attachment Protection Bypass Policies article to learn more (link opens in a new browser window).

  7. Enter the IP ranges for your EveryCloud account’s location in the Source IP Ranges field (as shown below). Check here for an up-to-date list of IP ranges.



Ensure that the new policy is saved before you exit. Allow some time for the new policy to propagate, then initiate a phishing test campaign to yourself or a small set of people to confirm the delivery of different types of attachments. 


URL Protection Bypass Policy


Through its URL Protection feature, Mimecast checks and scans all the links in the emails your user receives. These checks often trigger false positives in your simulated phishing tests. Follow the instructions provided below to add a new URL Protection Bypass policy to get error-free phishing test results for your phishing tests.

  1. Login to Mimecast’s Administration Console.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on URL Protection Bypass.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segments. Read Mimecast's Configuring a URL Protection Bypass Policy Policies article to learn more (link opens in a new browser window).

  7. Enter the IP ranges for your EveryCloud account’s location in the Source IP Ranges field (as shown below). Check here for an up-to-date list of IP ranges. 



Ensure that the new policy is saved before you exit. Before sending a campaign to all your users, we recommend initiating a test campaign to yourself or a small set of people to confirm that the new policy works as intended. Impersonation Protection Bypass Policy

I

f you want to send phishing or whaling emails posing to have originated from users/domains and appear to be from within your organization, you need to create a new Impersonation Protection Policy in your Mimecast admin center. To implement a new Impersonation Protection Bypass policy, you must first create an Impersonation Protection Definition. Follow the instructions below to create a new Impersonation Protection Definition.


Impersonation Protection Definition

  1. Login to Mimecast’s admin center.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of definitions will be shown, click on Impersonation Protection.

  5. Click on New Definition.

  6. Name your new Definition  appropriately, for example, "EveryCloud Impersonation Protection Bypass Definition."

  7. Choose the right definition settings under the Identifier Settings, Identifier Actions, General Actions, and Notifications segments as shown below. Read Mimecast's Configuring an Impersonation Protection Definition article to learn more about these settings (link opens in a new browser window). 



Ensure that the new definition is saved before you create a new Impersonation Protection Bypass Policy. 

Impersonation Protection Bypass Policy

  1. Login to Mimecast’s Administration Console.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on Impersonation Protection Bypass.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segments. Read Mimecast's Configuring an Impersonation Protection Bypass Policy article to learn more (link opens in a new browser window).

NOTE: Under Options, find the Select Option field and use the new Impersonation Protection Definition you created (above).

  1. Enter the IP ranges for your EveryCloud account’s location in the Source IP Ranges field ().
    as shown below). Check here  for an up-to-date list of IP ranges. 




Ensure that the new policy is saved before you exit. Before sending a campaign to all your users, we recommend initiating a test campaign to yourself or a small set of people to confirm that the new policy works as intended.


Attachment Management Bypass Policy


Mimecast can remove all attachments within a simulated phishing email, this often causes inaccurate phishing security test results. If you want to send phishing tests with attachments, follow the instructions below to create a new Attachment Management Bypass Policy.

  1. Login to Mimecast’s Administration Console.

  2. Click on the Administration toolbar.

  3. Select the Gateway | Policies menu item.

  4. A list of policies will be shown, click on Attachment Management Bypass.

  5. Click on New Policy.

  6. Choose the right policy settings under the Options, Emails From, Emails To, and Validity segments. Read Mimecast's Configuring Attachment Management Bypass Policies article to learn more (link opens in a new browser window).

  7. Enter the IP ranges for your EveryCloud account’s location in the Source IP Ranges field ().
    as shown below). Check here for an up-to-date list of IP ranges.



Ensure that the new policy is saved before you exit. Before sending a campaign to all your users, we recommend initiating a test campaign to yourself or a small set of people to confirm that the new policy works as intended.