Gateway Policies allow an Administrator to apply granular control to the flow of email messages as they are processed by Mimecast. They are:
- A set of rules that affect the flow of email traffic.
- Applied to either inbound or outbound messages.
There are a number of policy types, each of which has a specific purpose as outlined below. Each policy has a set of options. Some policies allow more specific settings to be configured by use of a separately configured definition. Where this is the case, the table below states this.
The policies available to you, depends on the Mimecast product you've purchased.
Policy TypeDefinition Required?Description
| Yes |
Modifies the email addresses of inbound or outbound messages as they are processed ,based on the either the sender / recipient email address or header / envelope information. |
|
| No | Overrides an existing Address Alterations Policy. | |
| No | Blocks unwanted inbound spoofed emails. | |
| Anti-Spoofing SPF Based Bypass | No | Ensures your internal users can still receive communication sent by a trusted third party on your behalf. |
| No | Blocks delivery of attachments over a specific file size. The recipient receives only the email body, with a message informing them of the attachment's removal. | |
| No | Places delivery of messages with attachments over a specific file size, on the Administrator On Hold queue. The recipient receives a notification to this effect. | |
| No |
Strips an attachment from an email if it exceeds a specified size. The recipient receives only the email body, with a notification containing a link that allows them to download the attachments. |
|
| Yes | Provides a list of attachments that can be used to configure what attachment types should be allowed, blocked, linked or held. | |
| No | Overrides an existing Attachment Block on Size, Attachment Link on Size, or Attachment Management policy. | |
| No | Overrides emails from users listed in the Auto Allow database from being subjected to the typical IP reputation and spam checks. Instead they are only scanned for viruses. | |
| No | Creates exceptions for an Auto Allow policy. | |
| Yes |
Automatically issues a response to the senders of inbound emails to Mimecast. |
|
| No |
Rescans a held email for spam and viruses after it has been released by either the Administrator or a user. |
|
| No | Restricts messages to or from specific email addresses or domains. | |
| No |
Allows internal users to send confidential messages to external recipients. Instead of sending the email to the recipient's mail server, the recipient can view and respond using Mimecast Personal Portal (MPP), or Mimecast Services for Outlook (MSO). |
|
| Yes |
Prevents email delivery by specifying what content to look for, and what action should be taken if a match is found. Matches emails are sent to the Held queue. Additionally notifications can be sent for specific senders / recipients or groups of users. |
|
| Yes | Ensures certain users, groups or domains are not subjected to a particular Content Examination Policy. | |
| No | Configures a group of users to review, release, or reject held emails. | |
| No | Decrease the retention period of particular messages (in days) to a value less than your Maximum Account Retention. | |
| No | Decrease the retention period of particular messages (in minutes) to a value less than your Maximum Account Retention. | |
| Yes | Specifies the route used to deliver emails to and from Mimecast, including details of the delivery destination (e.g. the Host Name or IP Address of the email server). | |
| Yes | Configures email notifications that give the end user direct control over emails that have been quarantined by Mimecast security policies. | |
| Disclaimer Assignment | Yes | Controls if and when to assign a disclaimer to an email, by applying a Stationery Layout. This policy is only available if you have not purchased the Stationery module. If you have the Stationery module, this functionality is provided by the Stationery policy type. |
| Yes | Controls the types of email authentication checks that are performed when Mimecast receives an email. | |
| Yes |
Strips revision information from documents, including document properties, author credentials, tracked changes, comments, and Microsoft Visual Basic for Applications macros. |
|
| No | Ensures certain users, groups or domains are not subjected to a particular Content Examination policy. | |
| No | Ensures that email is never altered by a Stationery Layout, Address Alteration, Attachment Link on Size, Document Services, or Scan Settings Policy policy. | |
| No | Sets an email size limits for both inbound and outbound emails. Any emails exceeding the specified size will be rejected. | |
| Yes |
Sets a rule that an email from / to specific email addresses are not delivered to the original recipient, but delivered to an alternate address. |
|
| No | Allows you to receive emails from legitimate senders, whose Message Transfer Agent has not been correctly configured. | |
| No | Enables individuals or Groups to be blind copied on emails. | |
| No |
Allows Mimecast for Outlook or Mimecast for Mac users to control the way emails are sent. |
|
| No | Bypasses Mimecast's data optimization activities whereby the message content is exploded, or attachments saved under the single instance storage mechanism. Instead emails are delivered as the original raw file. | |
| No | Bypasses the checks made to ensure a message structure conforms to RFC standards. | |
| No | Limits the life of message metadata (in days) to a value less than your company's maximum account retention period. | |
| No | Limits the life of message metadata (in minutes) to a value less than your company's maximum account retention period. | |
| Yes | Controls the system notifications generated for certain email delivery events. | |
| Permanent MX Resolution Failures | No | Allows administrators to specify a threshold of delivery attempts. After the threshold is reached, an outbound message should be hard bounced if the MX resolution performed by the Mimecast Message Transfer Agent (MTA) results in a permanent failure. |
| No |
Ensures inbound emails bypass security checks (reputation and spam checks) but not virus checks. Emails are delivered directly to internal recipients, without the risk of the message being rejected or placed in the Held queue. |
|
| Yes | Specifies the reputation checks applied to Inbound emails. | |
| Yes | Specifies how Transport Layer Security (TLS) technology is used to protect confidentiality and data integrity, thereby ensuring emails are transmitted through an SSL encrypted tunnel. | |
| Yes | Secure Messaging allows internal users to transmit confidential messages to external recipients. | |
| No | Disables secure messaging functionality that allows internal users to transmit confidential messages to external recipients. | |
| No |
Specifies how emails form a sender are received by Mimecast using Transport Layer Security (TLS). |
|
| No |
Bypasses the check to reject inbound emails where the internal recipient address holds a Sieve Sub extension. |
|
| No | Links emails to Smart Tags based on the sender and recipient details. | |
| No | Overrides a Smart Tag Assignment policy. | |
| No | Overrides a Smart Tag Assignment policy. | |
| Yes | Configures spam scanning to check the content of all inbound emails. Spam Scanning can be configured to apply to different levels of sensitivity and actions, should the policy be triggered. | |
| Yes | Controls if and when to apply Stationery to an email. | |
| No | Bypasses an existing Stationery policy. | |
| Yes | Provides protection against previously unknown threats. | |
| No | Bypasses an existing Suspected Malware policy. | |
| Yes | Controls whether email attachments are safe, and how the recipient can access them. | |
| No | Bypasses an existing Targeted Threat Protection - Attachment Protect policy. | |
Carlos Rios
Comments