Most malware is hidden in attachments. Therefore it is important to restrict what attachments are allowed in and out of your environment. Attachment Management policies do this by allowing Administrators to apply granular attachment handling for individual attachment types in inbound or outbound messages. The policy applies an Attachment Set to specified sender and recipient pairs.
When an attachment is detected that is defined as a blocked attachment, the associated email is accepted. However the attachment is stripped from the email and held in an Administrative queue called Stripped Attachments. If configured, the email will have a notification attached to inform the recipient that an attachment was stripped from the email. If the end user feels that the attachment is legitimate, they can contact their Administrator to request that it is released. These notifications can be customized to include customer specific details. For example, a help desk telephone number for releasing stripped attachments.
Only one Attachment Management Policy can be applied to any given email. If you have multiple Attachment Management policies with the same From and To variables, only one of these will take effect.
Attachment Sets provide a list of attachments that can be used to configure what attachment types should be allowed, blocked, linked or held when being sent outbound or inbound into your Mimecast account. A default attachment set is created during the Mimecast implementation process with the list of Mimecast best practice dangerous file types set to be blocked.
What you need
- An Administrator Console logon with access to the Administration | Gateway | Policies menu item.
- A previously configured Attachment Management Definition.
Creating a policy
To create a policy, follow the instructions in the Creating / Changing a Policy article, but using the following options:
|Policy Narrative||Provide a description for the Policy to allow you to easily identify it in the future.|
|Set Attachment Management Policy|
Use the Lookup button to select the required Attachment Management definition for the policy.
You can have an Attachment Management Bypass policy. See here for further details.