Apply Secure Messaging Based on the Content of a Message

Document created by user.oxriBaJeN4 Employee on Sep 8, 2015Last modified by user.oxriBaJeN4 Employee on Mar 27, 2017
Version 6Show Document
  • View in full screen mode

Secure Messaging can be triggered by admin defined content found in outbound messages, to ensure that business critical, company sensitive information does not leave the control of your messaging environment. Follow the steps in this guide to enable this feature.


What You'll Need


  • A Mimecast admin account with permission to the Administration | Gateway | Policies menu.



Whilst reading this article, it is beneficial to also read the Content Examination definition article for further information.

Step 1: Create a Content Definition


  1. Login to the Administration Console and navigate to the Administration | Gateway | Policies menu.
  2. Find the Content Examination item in the list and click the Definitions button, to load a list of any previously created Content Examination definitions.
  3. Click the the plus icon on the root folder in the left hand pane of the page to create a new folder.
  4. To rename the folder;
    • click on the New Folder to select it,
    • type your new name in the text box at the top of the folder list, for example, "My Content Examination Definitions,"
    • press Enter to apply the folder name change.
  5. With your new folder selected click the New Content Definition button in the menu bar.
  6. In the Policy Definition section:
    • add a Description so that you can easily identify the definition later
    • leave the Definition Type as Independent Content Definition
    • and set your Activation Score.
      • Each word you enter in the scanning option below will be assigned a number,
      • When the word is first found in an individual message component, for example, the message body, or a message attachment the score of the message is incremented by the number associated with that word.
      • For example if your word is found in both the message body and one message attachment the message score will incremented twice by the number associated with that word.
  7. In the Scanning Options section:
    • Enter the words that you wish to trigger Secure Messaging followed by ......
    • Select if the definition should apply a Case Sensitive Match.
    • Select if the definition should Match Multiple Words. This will increment the message score for every occurrence of a word found not just the first instance found.
    • Finally select which message components the definition should look for your defined words.
  8. In the Policy Override Options:
    • Click the Lookup button next to the Secure Messaging Override field to select a Secure Messaging definition.
    • Leave all the other settings as the system default.

      This will ensure that any message triggering this definition are definitely sent using Secure Messaging and make your implementation simple to maintain and troubleshoot if required.

  9. In the Notification Options, optionally select who should be notified if this definition is triggered.
  10. Finally click Save an Exit. At this stage the definition will not be applied, but will be available to be applied in a policy.


Step 2: Apply the Content Definition Using a Policy


  1. Login to the Administration Console and navigate to the Administration | Gateway | Policies menu.
  2. Click on Content Examination from the list of policy types on the page to view of list of any policies already created.
  3. Click the New Policy button from the menu bar.
  4. Enter a description of the policy in the Policy Narrative text box.
  5. Use the Lookup button to select the Content Examination definition that you created in the previous step.
  6. Select which senders and recipients the policy should apply to in the Emails From and Emails To sections.

    Secure Messaging can apply to messages both inbound and outbound . Be sure to consider this when selecting senders and recipients in this section.

  7. In the Validity section optionally set:
    • the date range that the policy should be active, use the Always On button to set all time,
    • Policy Override to force the policy to apply in the situation where there are conflicting policies
    • Source IP Ranges to specify if the policy should only apply when the Mimecast receives a connection from the defined IP's.
  8. Do not set the Bi Directional setting as a Secure Messaging policy is for internal to external messages only.
  9. Click Save and Exit to apply the policy.


Next Steps


Once the policy is saved, outbound messages containing the content specified in your Content Definition and matching the communication pair specified in your policy will be delivered via Secure Messaging using the system default Secure Messaging definition.


Content triggered Secure Messaging does not support custom definitions.

3 people found this helpful