Recently, certain Internet Service Providers (ISP's) have started enforcing their own Acceptable Use Policies. This can cause certain issues for those Mimecast customers using these ISP public IP address blocks.
Previously, these customers were able to send out email on SMTP port 25, however, some ISP's are now transparently routing this traffic through their own email gateways. This is being done in an attempt to eliminate botnet zombie originated spam, and allows these ISP's to enforce their own Acceptable Use Policies.
For those Mimecast customers on these ISP network blocks, their email is no longer directed to Mimecast using the configured SMTP Connector. The email now suddenly bypasses Mimecast, and in most cases is rejected because their sending domain is not registered as an internal email domain for the ISP. The Policy Based List (PBL) rejects these emails, because the PBL asserts that the sending IP should not be allowed to send email directly to the mail server of third parties, unless it is specifically named as a valid gateway, and therefore removed from the PBL list.
The only solution to get around this issue is for the Administrator to amend their SMTP Connector to send emails to Mimecast using SMTP submission, TCP port 587. This will encrypt the connection stream between the customer infrastructure and Mimecast for all outbound emails on port 587, and port 25 will not be used.