Thank you to everyone who joined our first Maximizing Mimecast webinar of 2026! If you missed it, here's a quick recap of what we covered.
You can also watch the full session by following this link to our knowledge base.
Multi‑Vector Threat Protection: Smarter Delivery Decisions (Available to Everyone)
Senior Product Manager Dylan Morse walked through how Multi-Vector Threat Protection (MVTP) correlates signals across Mimecast's scanning layers - spam, behavioral patterns, URL analysis, and social graphing - to deliver a single, confident verdict on each message.
He showcased an evasive attack where a threat actor hijacked a Booking.com thread and used a new Gmail account and an unseen URL domain to harvest credentials, something that would evade single-layer detection but was caught by MVTP's combined intelligence.
MVTP is available now for all MX-based customers. Setup is simple: start in Monitor Mode, review detections, then move to Enforcement (“quarantine”) when ready. Today, take a moment to check whether MVTP is enabled in your environment. It's a quick win that immediately strengthens protection.
For more detailed guidance on how you can activate it, visit: link.
Graymail Exposure: Reducing Inbox Noise (Available to Everyone)
Dylan afterwards moved into his second topic, Graymail. This type of unwanted email remains the largest category of end-user-reported messages, often accounting for around 75%. Because these messages come from legitimate, authenticated senders, they pass standard checks and clutter inboxes. Dylan outlined the two steps required to help fully route graymail out of users’ primary inboxes:
- Enable "Tag headers as gray mail" in the Mimecast spam scanning policy.
- Create a Microsoft 365 transport rule that moves tagged graymail to junk or another folder of your choice.
If reducing inbox clutter is on your list this year, consider enabling graymail tagging and adding the transport rule. For reference, since activating this rule internally, Mimecast employees’ direct graymail exposure has dropped by 15–30 on average per user per day.
For a step-by-step guide on how to set this up, check out the following article.
Account Takeover Protection: Detect Compromised Email Users (In Early Access)
Senior Product Manager Simon Reddington highlighted why Account Takeover (ATO) is one of the most damaging threats. Attackers use stolen credentials to act as trusted users, evading traditional controls. Mimecast’s new account takeover protection capabilities will provide insight into both pre-compromise signals (like authentication anomalies) and post-compromise behaviors, such as unusual sending patterns.
ATO protection will be enabled on included by default for all customers on the new “Critical”, “Advanced” and “Premium” email and collaboration threat protection plans.
This capability is going to become generally available very soon, so keep an eye on the Mimecast community for updates on this exciting innovation.
Additional Info
- The next Maximizing Mimecast webinar? February 5 - Topic: Maximizing your Human Risk Management Posture – sign up here
- Questions? Please comment under this post or contact your Mimecast account team
