Microsoft's New Outlook represents a significant shift in how organizations interact with their email systems. This transition has important implications for Mimecast customers using products like Large File Send, Secure Messaging, Continuity, and Cybergraph. Let us explore what these changes mean and how to navigate them effectively.
Understanding the New Outlook Architecture
New Outlook embodies Microsoft's vision to unify its email experience across platforms. Unlike the classic Outlook client built on the Win32 framework, New Outlook is web-based, utilizing Edge WebView2 technology. This transition represents a fundamental shift from a locally installed application to a web application running in a desktop container. The key architectural changes include:
- Migration from MAPI/RPC connections to a REST API framework.
- Shift from local data storage to cloud-synchronized content.
- Replacement of the COM Add-in model with a web add-in architecture.
- Integration with Microsoft's React-based Fluent UI design system.
Through our many discussions with customers, we have found that there is a misunderstanding regarding our ability to update our add-ins for New Outlook and the differences between COM and web-based add-ins. COM Add-ins are legacy extensions that play a vital role in enabling third-party applications to interact with classic Outlook. These add-ins run directly within Outlook's process, providing granular access to internal APIs and features. This deep integration allows for extensive customization, such as the addition of custom ribbons and context menus. Also, COM Add-ins facilitate the dynamic routing of outbound emails and real-time content updates that Mimecast uses for some of our applications listed below.
However, Microsoft is phasing out COM Add-ins for the New Outlook due to several critical factors. Primarily, these add-ins have been linked to stability and performance issues, often causing crashes and slowdowns within the Outlook process. Additionally, their extensive access to Outlook's internal APIs raises significant security concerns, furthermore, COM Add-ins are limited to the Windows platform, rendering them incompatible with the cross-platform capabilities of the New Outlook.
Web-based add-ins for the New Outlook, while offering improved security and cross-platform compatibility, impose limitations compared to the comprehensive capabilities of COM Add-ins. Unlike their predecessors, which could access any aspect of Outlook due to their integration within the application, Web Add-ins are restricted to the Office JavaScript API. This API provides a limited set of functionalities, preventing developers from interacting with Outlook's core processes or utilizing low-level features. Consequently, Web Add-ins cannot replicate advanced functionalities, such as extensive UI modifications beyond predefined options. While COM Add-ins allowed developers the freedom to create rich, integrated experiences, the tightly controlled environment of Web Add-ins ensures security and stability, at the cost of overall functionality and flexibility.
The architectural changes in the New Outlook significantly affect how Mimecast integrates with Outlook. Consequently, existing Mimecast for Outlook add-ins must be updated to align with the new web add-in model, which may lead to changes in functionality due to differences in available API capabilities.
Impact on Mimecast Products
With the arrival of the New Outlook, it is important for customers using Mimecast products to know how to make the most of them. This means some features might work a bit differently, so it is a good idea to stay informed about the changes. While the transition may require some adjustments, Mimecast is here to help you keep your email secure and provide access to the feature and capabilities you are used to.
Archive Search
Users needing to perform archive searches will need to navigate to the Mimecast Personal Portal to access their archived content. The portal provides all the familiar search capabilities you are used to, including advanced search filters, date ranges, and message content search.
Continuity
During a continuity event, users will need to be notified through another mechanism and then navigate to the Mimecast Personal Portal to continue interacting with their email content and sending and receiving emails. This change means that the integration with Outlook is no longer as seamless.
By default, during a continuity event, all emails sent and received will be bcc’d back to the user's mailbox when the mail platform becomes available again. In certain circumstances this feature may have been disabled but can be re-enabled if required by adjusting your account settings within user and access permissions.
CyberGraph
Administrators can configure CyberGraph banners as text warnings instead of dynamic content. This configuration setting can be made at the organization level and applies to all users. If you wish to read the original service update on this issue, click here.
Large File Send
Users looking to send large files via Large File Send will need to navigate to the Mimecast Personal Portal to share content. All the usual options are available such as expiry date, access key etc. Similarly to Continuity, this change means that the experience is no longer as seamless, so users should familiarize themselves with the portal's layout and features.
Secure Messaging
Secure Messaging end users have two options for sending secure emails. Option one is to use the Mimecast Personal Portal, where users can log in to manage their secure messages and send new ones directly through the portal. All the same options available in Mimecast for Outlook (MfO) are accessible here. For option two, administrators can define content examination definitions and policies which can trigger secure messages based on different keywords. For example, adding the word 'Secure' will trigger a 7-day validity period with no printing or replies allowed, while 'Confidential' sets the validity to 1 day, etc. Users simply add these trigger words to the subject line of their emails to activate the appropriate policy. Both options ensure that users can continue to send secure messages efficiently.
What is Mimecast doing?
Mimecast is enhancing your experience through a two-phase approach that delivers improvements to our solution while building toward a unified solution to address some of your biggest needs.
Intermediate Solution:
We're currently in the process of either updating Mimecast Essentials for Outlook (MEO) or developing a new add-in to include better integration with the Mimecast Personal Portal, which is getting a modern redesign at the same time. To make things easier for users during continuity events, we are adding a notification option to notify users when a continuity event has started, directing them to access the Mimecast Personal Portal when needed. We expect to have this interim solution ready for you in late summer 2025.
Long Term Solution:
In conjunction to the interim solution we are in the process of designing a completely new, modern web portal that brings together all the features you know from Mimecast for Outlook, Mimecast for Mac, Mimecast Mobile (Android and iOS), and the Mimecast Personal Portal into one versatile platform. To ensure we deliver this solution effectively, we are taking a phased approach. Phase 1, will establish the framework, introduce the basic portal, and deliver Archive Search functionality. Following this, we will implement additional features in subsequent phases, including Continuity, Secure Messaging, Large File Send, and Gateway functionalities such as Stationery, Hold Queue management, and Block lists. We are targeting early 2026 for the completion of Phase 1, with additional phases to follow as we work towards a unified experience.
We will be continuing to update this post as our development is finalized.
