Gateway Policy Types

Document created by user.oxriBaJeN4 Employee on Sep 11, 2015Last modified by user.oxriBaJeN4 Employee on Jul 19, 2019
Version 47Show Document
  • View in full screen mode

Gateway Policies allow an Administrator to apply granular control to the flow of email messages as they are processed by Mimecast. They are:

  • A set of rules that affect the flow of email traffic.
  • Applied to either inbound or outbound messages.


There are a number of policy types, each of which has a specific purpose as outlined below. Each policy has a set of options. Some policies allow more specific settings to be configured by use of a separately configured definition. Where this is the case, the table below states this.

The policies available to you depends on the Mimecast product you've purchased.

Policy TypeDefinition Required?Description

Address Alterations


Modifies the email addresses of inbound or outbound messages as they are processed, based on either the sender / recipient email address or header / envelope information.

Address Alterations Bypass

NoOverrides an existing Address Alterations policy.


NoBlocks unwanted inbound spoofed emails.
Anti-Spoofing SPF Based BypassNoEnsures your internal users can still receive communication sent by a trusted third party on your behalf.

Attachment Block on Size

NoBlocks delivery of attachments over a specific file size. The recipient receives only the email body, with a message informing them of the attachment's removal.

Attachment Hold on Size

NoPlaces delivery of messages with attachments over a specific file size, on the Administrator On Hold queue. The recipient receives a notification to this effect.

Attachment Link on Size


Strips an attachment from an email if it exceeds a specified size. The recipient receives only the email body, with a notification containing a link that allows them to download the attachments.

Attachment Management

YesProvides a list of attachments that can be used to configure what attachment types should be allowed, blocked, linked or held.

Attachment Management Bypass

NoOverrides an existing Attachment Block on Size, Attachment Link on Size, or Attachment Management policy.

Auto Allow

NoOverrides emails from users listed in the Auto Allow database from being subjected to the typical IP reputation and spam checks. Instead, they are only scanned for viruses.

Auto Allow Creation

NoCreates exceptions for an Auto Allow policy.

Auto Response


Automatically issues a response to the senders of inbound emails to Mimecast.

AV Scan on Release


Re-scans a held email for spam and viruses after it has been released by either the Administrator or a user.

Block Senders

NoRestricts messages to or from specific email addresses or domains.

Closed Circuit Messaging


Allows internal users to send confidential messages to external recipients. Instead of sending the email to the recipient's mail server, the recipient can view and respond using Mimecast Personal Portal (MPP), or Mimecast Services for Outlook (MSO).

Content Examination


Prevents email delivery by specifying what content to look for, and what action should be taken if a match is found. Matches emails are sent to the Held queue. Additionally, notifications can be sent for specific senders / recipients or groups of users.

Content Examination Bypass

YesEnsures certain users, groups or domains are not subjected to a particular Content Examination Policy.

Content Overseers

NoConfigures a group of users to review, release, or reject held emails.

Content Preservation (Days / Minutes)

NoDecrease the retention period of particular messages (in days or minutes) to a value less than your Maximum Account Retention.

Delivery Failure Routing Count

NoAllows you to define how many retry attempts Mimecast should make before issuing a bounce to the sender.

Delivery Routing

YesSpecifies the route used to deliver emails to and from Mimecast, including details of the delivery destination (e.g. the Host Name or IP Address of the email server).

Digest Sets

YesConfigures email notifications that give the end user direct control over emails that have been quarantined by Mimecast security policies.
Disclaimer AssignmentYesControls if and when to assign a disclaimer to an email, by applying a Stationery Layout. This policy is only available if you have not purchased the Stationery module. If you have the Stationery module, this functionality is provided by the Stationery policy type.

DNS Authentication

YesControls the types of email authentication checks that are performed when Mimecast receives an email.

Document Services


Strips revision information from documents, including document properties, author credentials, tracked changes, comments, and Microsoft Visual Basic for Applications macros.

Document Services Bypass

NoEnsures certain users, groups or domains are not subjected to a particular Content Examination policy.

Email Alteration Bypass

NoEnsures that email is never altered by a Stationery Layout, Address Alteration, Attachment Link on Size, Document Services, or Scan Settings policy.

Email Size Limits

NoSets an email size limits for both inbound and outbound emails. Any emails exceeding the specified size will be rejected.

Forwarding Address


Sets a rule that an email from / to specific email addresses are not delivered to the original recipient, but delivered to an alternate address.

Geographical Restrictions


Allows administrators to permit or block IP addresses listed in our country specific IP database, thereby controlling which countries can connect to the Mimecast Gateway.


NoAllows you to receive emails from legitimate senders, whose Message Transfer Agent has not been correctly configured.

Group Carbon Copy

NoEnables individuals or Groups to be blind copied on emails.

Message Actions


Allows Mimecast for Outlook or Mimecast for Mac users to control the way emails are sent.

Message Passthrough

NoBypasses Mimecast's data optimization activities whereby the message content is exploded or attachments saved under the single instance storage mechanism. Instead, emails are delivered as the original raw file.

Message Sanitization Bypass

NoBypasses the checks made to ensure a message structure conforms to RFC standards.

Metadata Preservation (Days / Minutes)

NoLimits the life of message metadata (in days or minutes) to a value less than your company's maximum account retention period.

Notification Sets

YesControls the system notifications generated for certain email delivery events.
Permanent MX Resolution FailuresNoAllows administrators to specify a threshold of delivery attempts. After the threshold is reached, an outbound message should be hard bounced if the MX resolution performed by the Mimecast Message Transfer Agent (MTA) results in a permanent failure.

Permitted Senders


Ensures inbound emails bypass security checks (reputation and spam checks) but not virus checks. Emails are delivered directly to internal recipients, without the risk of the message being rejected or placed in the Held queue.

Reputation Policy

YesSpecifies the reputation checks applied to Inbound emails.

Secure Delivery

YesSpecifies how Transport Layer Security (TLS) technology is used to protect confidentiality and data integrity, thereby ensuring emails are transmitted through an SSL encrypted tunnel.

Secure Messaging

YesSecure Messaging allows internal users to transmit confidential messages to external recipients.

Secure Messaging Bypass

NoDisables secure messaging functionality that allows internal users to transmit confidential messages to external recipients.

Secure Receipt


Specifies how emails from a sender are received by Mimecast using Transport Layer Security (TLS).

Sieve Sub-Address


Bypasses the check to reject inbound emails where the internal recipient address holds a Sieve Sub extension.

Smart Tag Assignment

NoLinks emails to Smart Tags based on the sender and recipient details.

Smart Tag Bypass (Administrative / Personal)


Overrides a Smart Tag Assignment policy (for either an administrative or personal use).

Spam Scanning

YesConfigures spam scanning to check the content of all inbound emails. Spam Scanning can be configured to apply to different levels of sensitivity and actions, should the policy be triggered.


YesControls if and when to apply Stationery to an email.

Stationery Exclusion

NoBypasses an existing Stationery policy.

Suspected Malware

YesProvides protection against previously unknown threats.

Suspected Malware Bypass

NoBypasses an existing Suspected Malware policy.

Targeted Threat Protect - Attachment Protect

YesControls whether email attachments are safe, and how the recipient can access them.

Targeted Threat Protect - Attachment Protect Bypass

NoBypasses an existing Targeted Threat Protection - Attachment Protect policy.

Targeted Threat Protect - URL Protect

YesControls the URLs in emails, and how the recipient accesses the web content.

Targeted Threat Protect - URL Protect Bypass

NoBypasses an existing Targeted Threat Protection - URL Protect policy.

See Also...


4 people found this helpful