Mimecast uses a series of reputation checks when processing inbound email. One of these checks is called Auto Allow. This relates to external email addresses that internal end users have previously sent emails to. These external addresses are stored in the Auto Allow database and are considered to be known trusted senders. Addresses in the Auto Allow database are treated similarly to those listed in the Permitted Senders list.
With an Auto Allow policy, any inbound email from a sender listed in the Auto Allow database, are not subjected to the typical IP reputation and spam checks. Instead it will only be scanned for viruses.
Auto Allow entries are:
- Created when emails have actively been created by end users.
- Not generated when:
- Auto-responses are sent (including Out of Office messages).
- Suspected spam related emails are released from the Hold Queue or using the Digest, and the recipient subsequently replies to the sender.
Auto Allow entries are configured in your Managed Senders.
Using an Auto Allow policy means that Mimecast can process inbound emails more efficiently and effectively. As this policy is “always on”, the database continues to grow. When an internal user sends a message, Mimecast captures the recipients email address and adds it to a database. When this recipient sends a message to a Mimecast customer, Mimecast checks against the database. If a match is found, the message is allowed through without applying spam checks. However virus checks are still applied. This results in inbound email processing for these senders to be faster and more efficient, and helps to avoid false positives.
Bypassing spam checks (e.g. greylisting) reduces the delivery delay of emails to internal recipients. This can reduce the number of messages placed on Hold due to content based spam scanning.
If a message is held as suspected spam, is released, and the user replies to the sender, an Auto Allow entry will not be generated.
What You'll Need
- An Administrator Console logon with access to the Services | Gateway | Policies menu item.
Creating a Policy
To create a policy, follow the instructions in the Creating / Changing a Policy article, but using the following options:
|Policy Narrative||Provide a description for the policy to allow you to easily identify it in the future.|
|Auto Allow Policy|
Enabled by default, this policy determines if the Auto Allow List (AAL) of your account should be checked for the mail flow specified below. AAL entries are created automatically when messages are sent from internal users to outbound recipients. The recipient address is added to the AAL, so that they are marked as 'trusted'. When the external address sends a message to the internal user, your Mimecast account will check the AAL to see if the address is present. If it is, it allows the communication to bypass specific spam checks that are normally applied to the inbound email. The addition to the AAL does not apply to autoresponders (e.g. Out of Office messages).
Malware and virus scanning is always applied.