Allowlisting Mimecast solutions

Overview

Mimecast has many security features (packages) that need to be bypassed in order to ensure Hoxhunt's training emails are delivered correctly to recipients.

IMPORTANT!
  • If you are using Mimecast's Internal Email Protect, use the instructions in this article to allowlist Hoxhunt in your Mimecast. Also make sure you have configured Skip Listing so Hoxhunt's sender IP gets preserved.
  • If you don't have Mimecast's Internal Email Protect in use, we highly recommend to bypass Mimecast by setting up a Partner Receive Connector between Hoxhunt and your Exchange service for optimal delivery.

 

Following policies need to be bypassed for Hoxhunt:

Anti-Spoofing Policy
Permitted Senders Policy
Attachment Protection Policy
URL Protection Policy
Impersonation Protection Policy
Attachment Management Policy
Auto-Allow Policy
Block sender policy
Greylisting policy
DNS Authentication Policy
CyberGraph Policy
Message Passthrough Policy (do not explode message content)
Advanced BEC Policy (see instructions)

 

Here are Hoxhunt IP addresses you need for configuring the policy bypasses:

193.3.183.0/25
35.156.0.138
 

TIP
If there is an existing policy for allowed IP addresses, there will be an entry that states it applies ‘From Everyone’ and ‘To Everyone’, if you click on this and look at the Validity section at the bottom, you may see existing allowlisted IP addresses. If this is the case, then you can add any further required IP addresses to the Validity section here.

If there is no existing policy defined as ‘From Everyone’ and ‘To Everyone’ to permit senders, then follow the instructions below.

 

Below is an example of how Permitted Senders Policy should be configured.
(See Mimecast's article for more information about configuring Permitted Senders Policy

  1. Login to the Mimecast Administration Console.
  2. Go to Gateway > Policies.
  3. Select Permitted Senders from the list.
  4. Click New Policy.
  5. Under Policy Narrative, enter an easy to understand name, such as ‘Hoxhunt Permitted Senders’.
  6. Under Permitted Sender Policy, select Permit Sender.
  7. Under Emails from, set Applies from as Everyone.
  8. Under Emails to, set Applies to as Everyone.
  9. Under Validity, check the Policy Override checkbox.
  10. Add the Hoxhunt IP addresses required in the Source IP Ranges box.
NOTE from Mimecast documentation
"Now that we may not bypass Greylisting, RBL, and Spam checks for inbound messages, it is important to check the results of these checks to understand why a message was not delivered. This is because we may no longer bypass all of these checks."

 

NOTE
Mimecast clicks will originate from various IP hosting companies

When monitoring IP addresses associated with clicked links in your environment, you may observe activity that does not originate from Mimecast-owned IP addresses, or IP addresses listed on this page. As part of the Mimecast threat detection stack, the URL scanning layer can utilize various 3rd party vendors whose IP ranges are subject to change and are not tracked or disclosed by Mimecast. Furthermore, Mimecast employs anonymization techniques to prevent threat actors from recognizing and evading our scanners. To protect Mimecast customers, the associated IP addresses will not be disclosed.

Source: Mimecast URL Scanning Activity (link)

 

 

Was this article helpful?

4 out of 8 found this helpful

Have more questions? Submit a request