An 'Include deleted folders' checkbox allows users to quickly display these folders should they need to recover a folder or message within the folder.
Deleted messages are always displayed inside any folder. This is especially important for customers who undertake mailbox management. Customers can still delete all messages older than a certain age whilst end users still get access to every message that's ever been in the folder.
Registered Applications: The Administration Console was incorrectly being displayed under the Services | Applications | Registered Applications section as it is intended to display all end user application registrations only.
Monitoring: An “Action” column has been added to the Impersonation Protection log page so that you can more easily see if an action was triggered for the logged item.
Login: On the login page you can now request a reset of your Cloud password when you have allowed such functionality on your Authentication Profile.
Server Connections: When deleting a Server Connection the confirmation message now mentions the name of the connection that will be deleted.
Application Switcher: To better cover the function of the application the new “Discovery Reviewer” app has been renamed to “Case Reviewer”.
URL Protection: The validation performed when adding or updating Managed URLs has been updated so that it is less restrictive.
Report as: The confirmation message displayed after you have reported an item as Spam, Malware or Phishing has been reworded.
Policies: The Reputation Definition options have been updated as per the previously published Service Update blog post announcement.
Server Connections: The “Test Connection” option now doesn’t only check for connectivity but also checks if the required application impersonation permissions have been granted.
Policies: When configuring Impersonation Protection policies you can now select the required definition via a “lookup” function instead of only being given a flat list without specifics.
Roles: Under the Monitoring harmonica permissions for the recently released Data Leak Prevention and Impersonation Protection log pages has been added. In preparation for a dedicated Secure Messaging log page permission for such logs have been added too.
Continuity: The validation performed when you attempt to save a Continuity Monitor has been updated so that you no longer receive a warning regarding the required SMS attribute when you’re not using the “SMS User Notifications” option.
URL Protection: On a URL Protection definition you can now select if you want to strip any external CSS and embedded content from an inbound message using the “Strip external source mode” feature. Please review the related Service Update blog post for more information.
Impersonation Protection: The tooltip provided for the “Tag Message Body” and “Tag Subject” options has been updated.
Impersonation Protection: The tooltip provided for the “Ignore Signed Messages” option has been updated.
URL Protection: The dashboard has been refreshed making it easier for you to manage the solution.
Attachment Protection: The dashboard has been refreshed making it easier for you to manage the solution.
Delivery Routes: When configuring a Delivery Routing Definition with a port number other than the default SMTP port (25) a warning will now be displayed.
Reporting: The description provided for the “CSV Data” menu item has been updated to correctly reflect the functionality included in the section.
Audit Logs: The usability of the audit logs section will be increased as per the related Service Update blog post. Expected to be fully completed on Tuesday 6 June 2017.
We're adding an option to the Targeted Threat Protection: URL Protect policy definition that will allow the removal of some external components from inbound messages. You will see this option in the URL Protection definitions as 'Strip external source mode'.
This will be rolled out from Wednesday 31st May onward.
Roles: A new permission labelled “Remove Address from Purge List” has been added for the Internal Directories section offering you more granularity for administrative permissions.
Account Settings: Under the “Directory Options” section the field where you can select a Directory Connector has been removed as it is now obsolete.
Continuity: When selecting the “Test Email Address” during the configuration of the Outbound Check on a Continuity Monitor the list of addresses to choose from will no longer include alias addresses.
Account Settings: Under the “User Access and Permissions” section you will now find an option to “Allow Weak Ciphers for Secure Receipt” giving you more control over TLS connections into the Mimecast MTA.
We now have dedicated logging for Impersonation Protection which will provide better visibility of potential impersonation attacks. In addition there will be enhanced logging for messages triggering Content Examination policies for your data leak prevention solution.
To find your logs navigate to Monitoring under the Administration section on your Mimecast Console.
Just so you know Secure Messaging logging is also on it's way so keep an eye out for updates.
Authorized Outbounds: We’ve corrected the spelling mistake found on this section for Advanced Account Administration setups.
Dashboard: The Notification feed now correctly displays the date of the second item in the list after applying the “Service” or “Product” filter.
IM Archive: When using the “Export Data” option after an IM Archive Search the CSV/XLS file will now hold the correct data.
Internal Directories: The correct address type indicator will be displayed for manually created internal addresses.
Directory Synchronization: Manually triggered synchronizations should no longer incorrectly result in an error being displayed.
Session handling: Should a section fail to load due to the application not responding a pop-up will now be displayed requesting you to try again later.
Advanced Account Administration: The “Migration Administrator” role will now be available by default on Advanced Account Administration setups.
Internal Directories: The mechanism behind removing an address from the purge list has been updated.
Internal Email Protect: The warning displayed when you configure a User Mailbox Action while a required Server Connection isn’t present or isn’t able to correctly connect has now been limited for Advanced Account Administration setups so that it will only display on Mail Processing accounts.
Mimecast is pleased to announce that additional email security information for Targeted Threat Protection has been added to the Data Logging API. For customers subscribing to our Targeted Threat Protection URL Protect and / or Attachment Protect features, additional information is available for malicious activity detected by Mimecast.
For URL Protect, all links scanned by Mimecast that are found to be malicious will be logged.
The data logs include the malicious URL clicked, and the transmission details of the original email containing the URL:
source IP address
For Attachment Protect, all files found to be malicious when processed by the sandbox will be logged.
The data logs include comprehensive details about the malicious file:
md5, sha1, sha256 hashes
as well as the transmission details of the original email that the file was attached to:
source IP address
This new data about malicious URLs and attachments detected can be used for a number of use cases, for example,
as a data source for SIEM systems to:
alert on malicious events,
aid in incident response investigations,
and to demonstrate the value of the TTP service internally,
as a data source for analytics applications,
as a data source to update other gateway security appliances and intrusion detection systems.