How to Whitelist in Mimecast

Ensure that important emails from trusted sources, like training notifications or phishing simulation emails, bypass Mimecast's usual filtering processes by following these steps. This document guides you through setting up various policies within Mimecast to improve the deliverability and reliability of these critical communications.

Impersonation Protection Bypass Policy

To prevent Mimecast from blocking emails from known and safe sources due to impersonation protection rules, set up an Impersonation Protection Bypass Policy.

Note the IP addresses to be allowed.
Log in to your Mimecast Administration Console.
Navigate to Administration > Gateway | Policies.
Choose Impersonation Protection Bypass from the policies list and click New Policy.
Configure the policy:
- Applies From: Everyone (using IP addresses/Hostnames as the source)
- Applies To: Everyone
Enter the specific IP addresses under Source IP Ranges.
Save the policy settings.

For more information on these settings, see Mimecast's Configuring an Impersonation Protection Bypass Policy article.

Anti-Spoofing Policy

Set up an Anti-Spoofing Policy to allow emails that appear to be coming from your domain.

Note the IP addresses to be allowed.
Access Gateway | Policies via the Administration tab.
Select Anti-Spoofing, then New Policy.
Define the policy:
- Emails From: Everyone (utilizing IP addresses)
- Emails To: Everyone
Add the Keepnet IP addresses in the Source IP Ranges.
Commit the changes to ensure that emails are recognized as legitimate. Configure Anti-Spoofing

For more information see Mimecast's Configuring an Anti-Spoofing Policy article.

Permitted Senders Policy

To allowlist emails specifically for training and phishing simulation:

Note the IP addresses to be allowed.
Go to Gateway | Policies and select Permitted Senders.
Click New Policy and set the parameters:
- Emails From: Everyone (with specified IPs)
- Emails To: Everyone
Include the relevant IP addresses in Source IP Ranges.
Finalize the settings by saving the policy.

For more information on these settings see Mimecast's Configuring a Permitted Senders Policy article.

URL Protection Bypass Policy

For accurate phishing test results, exclude certain URLs from Mimecast's URL Protection.

You can find the phishing simulation domains by logging into the platform and then going to Phishing Simulator > Settings > Domains page.

Under Gateway | Policies, select URL Protection Bypass and then New Policy.
Adjust the policy settings:
- Applies From: Everyone (IP addresses/hostnames as the source)
- Applies To: Everyone
Input the applicable IP ranges in Source IP Ranges.
Save your changes to activate the policy.

For more information on these settings, see Mimecast's Configuring a URL Protection Bypass Policy article

Final Steps

After setting up these policies, conduct a small-scale test to ensure everything functions as intended before rolling out to your entire organization. This verification step is crucial to prevent disruptions and ensure that all settings are correctly applied.

PreviousHow to Whitelist an IP Address in Google Workspace NextWhitelisting in Other Security Solutions

Last updated 10 months ago

Was this helpful?

Impersonation Protection Bypass Policy

To prevent Mimecast from blocking emails from known and safe sources due to impersonation protection rules, set up an Impersonation Protection Bypass Policy.

Note the IP addresses to be allowed.

Log in to your Mimecast Administration Console.

Navigate to Administration > Gateway | Policies.

Choose Impersonation Protection Bypass from the policies list and click New Policy.

Configure the policy:

Applies From: Everyone (using IP addresses/Hostnames as the source)
Applies To: Everyone

Enter the specific IP addresses under Source IP Ranges.

Save the policy settings.

Anti-Spoofing Policy

Set up an Anti-Spoofing Policy to allow emails that appear to be coming from your domain.

Note the IP addresses to be allowed.

Access Gateway | Policies via the Administration tab.

Select Anti-Spoofing, then New Policy.

Define the policy:

Emails From: Everyone (utilizing IP addresses)
Emails To: Everyone

Add the Keepnet IP addresses in the Source IP Ranges.

Commit the changes to ensure that emails are recognized as legitimate. Configure Anti-Spoofing

Permitted Senders Policy

To allowlist emails specifically for training and phishing simulation:

Note the IP addresses to be allowed.

Go to Gateway | Policies and select Permitted Senders.

Click New Policy and set the parameters:

Emails From: Everyone (with specified IPs)
Emails To: Everyone

Include the relevant IP addresses in Source IP Ranges.

Finalize the settings by saving the policy.

For more information on these settings see Mimecast's Configuring a Permitted Senders Policy article.

URL Protection Bypass Policy

For accurate phishing test results, exclude certain URLs from Mimecast's URL Protection.

You can find the phishing simulation domains by logging into the platform and then going to Phishing Simulator > Settings > Domains page.

Under Gateway | Policies, select URL Protection Bypass and then New Policy.

Adjust the policy settings:

Applies From: Everyone (IP addresses/hostnames as the source)
Applies To: Everyone

Input the applicable IP ranges in Source IP Ranges.

Save your changes to activate the policy.