URL Pre Scanning Available Now!

dmorse

Stop Malicious URLs Before They Reach Your Users Inbox

Email security is evolving, and Mimecast is leading the charge with a fundamental shift in how we protect your organization from URL-based threats. We're excited to announce URL Pre-Delivery Scan—a capability that transforms our approach from reactive protection to proactive defense.

The Problem We're Solving

Your security team has URL protection enabled. When users click suspicious links, they're blocked. The technology works as designed. Yet users keep reporting "suspicious emails" in their inboxes, frustrated that potentially dangerous messages made it through in the first place.

This perception gap matters. When employees lose confidence in their email security, they ignore legitimate warnings or develop workarounds that introduce new vulnerabilities. Meanwhile, your security team spends valuable time explaining why emails with protected URLs were allowed through—time better spent on strategic security initiatives.

The gap between "protected" and "prevented" has become a competitive disadvantage. Malicious URLs now represent the majority of attacks targeting your users, and traditional approaches that allow suspicious emails into inboxes no longer match user expectations or business requirements.

How URL Pre-Delivery Scan Changes Everything

URL Pre-Delivery Scan brings the full power of Mimecast's multi-step URL inspection pipeline to bear before emails reach any inbox. Real-time page content analysis, brand detection, certificate validation, phishing kit identification, and obfuscation technique detection now happen during initial email processing.

When our system identifies URLs meeting high-risk criteria, it automatically initiates deep inspection, and any messages found to contain malicious URLs are held before delivery. The entire process completes within seconds, ensuring email delivery performance remains unaffected while dramatically reducing human risk exposure.

Intelligent Protection That Works at Email Speed

URL Pre-Delivery Scan employs intelligent resource allocation, focusing deep-scanning capabilities on URLs exhibiting the highest risk characteristics. Our multi-engine detection pipeline evaluates specific risk vectors including URLs flagged by our various engines.

This targeted approach delivers comprehensive protection without compromising the performance your organization depends on.

Three Immediate Benefits

Enhanced Security Posture - By combining pre-scan protection with our existing URL rewriting capabilities, Mimecast now provides comprehensive defense against both immediate threats and URLs that become weaponized after delivery. This dual-layer approach positions you ahead of attackers who rely on timing gaps in traditional security solutions.

Improved User Experience - When threats are stopped before reaching inboxes, employees encounter fewer security warnings and blocking pages. This reduces friction, maintains productivity, and builds confidence that their inbox is genuinely protected.

Reduced Administrative Overhead - By removing emails with URLs that fail enhanced screening, you'll likely see fewer user-reported spam and phishing incidents. That translates to less time spent managing false positive reports and more time focused on strategic security initiatives.

Your Protection Doesn't Stop at Delivery

Enabling pre-delivery scanning doesn't replace our URL rewriting capabilities—it enhances them. URLs not flagged as suspicious during pre-delivery scanning will still be rewritten and checked at the time of click. This continued protection guards against URLs that become weaponized after delivery, ensuring comprehensive coverage across the entire email lifecycle.

Enable in Minutes

Activating URL Pre-Delivery Scan takes just moments:

1. Navigate to Policies | Gateway Policies | URL Protection | Definitions
2. Enable URL Pre-Delivery Scan with the action set to Hold
3. Messages identified as suspicious will be sent to administrator hold for review

Managing held messages fits seamlessly into your existing workflows. If you identify a false positive, simply release the message and add it to managed URLs, just as you handle other held messages today.

Learn More and Get Started

For complete details about this release and rollout information by region, read our Service Update

For step-by-step configuration instructions, read our Knowledge Base Article

Available Now and Take Action Today

URL Pre-Delivery Scan is available at no additional cost, enable it now to experience email security that stops threats before they become problems.

Michael G

@dmorse @Toby Metcalf I wish we could use this but even though the pre-scan feature is completely different and independent from rewriting the URLs in the body, we can't utilize them unless we rewrite the URLs in the body of the email. The "Rewrite mode" dropdown in the screenshot above should have an option of "None", so that we could still use the features of "URL Pre-delivery" and "QR Code Image detection" in the PDF attachments - features that don't require URL rewriting in the body of the email. Why were these bundled together if they are distinct features and why can't we deploy these features "a la carte" without being forced to rewrite the URLs in the body? Please allow Mimecast administrator to pick and choose.