Configuring Delivery Routing Definitions and Policies

Document created by user.oxriBaJeN4 Employee on Sep 11, 2015Last modified by user.Yo2IBgvWqr on Oct 9, 2017
Version 9Show Document
  • View in full screen mode

Delivery Routing policies allow email delivery to a specific server based on a domain, group, attribute, or individual address. They determine the route used for inbound email delivery to your framework, and contain all the details of the delivery destination (e.g. the hostname or IP Address of the email server). The policy can also be used to override MX (mail exchange) records for outbound delivery. 

 

Considerations

 

 Consider the following before configuring a definition or policy:

  • By default, outbound mail is delivered to the recipient using available MX records. If an outbound Delivery Route policy has been configured, this overrides the default MX record.
  • Delivery routes require the specific route to be defined in a definition, and a policy to determine the flow of traffic. Alternate routes can be created, which enable a fail over option should a customer’s primary route be unavailable.
  • If multiple similar routes (the FROM and TO variables are the same) are configured, this results in a round robin (random selection) of these routes. This is also useful to balance mail server load.
  • If route information is no longer valid, it is possible to change the delivery route for a message by either:
    • Adjusting the delivery route definition, taking care not to change the description field.
    • Removing the original policy that applied to a message, and applying a new policy with an associated definition. The Recalculate button in the delivery queue forces us to review the current policy that applies to the message awaiting delivery. This feature is only available to customers utilizing our latest Gateway.

 

Configuring a Delivery Route Definition

 

To configure a Delivery Route definition:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar button.
  3. Click on the Gateway | Policies menu item.
  4. Click on the Definitions drop down. A list of the definition types is displayed.
    Definition List
  5. Click on the Delivery Routes definition type from the list. The list of definitions is displayed.
  6. Either click on the:
    • Policy to be changed.
    • New Route Definition button to create a definition.
  7. Complete the Route Properties section as follows:
    Field / OptionDescription
    DescriptionGive the definition a description.
    Do not change the description once it has been applied to a delivery routing policy. Doing so results in delivery issues for any messages currently tied to that route. If the address for one of the routes changes, you can update the information.
    HostnameEnter a Public IP address or a publicly resolvable DNS name. This IP address / hostname needs to be accessible from the internet for usto be able to use it as delivery route.
    PortSpecify a port number. The default value is TCP 25 (SMTP), unless there are other specific requirements.
    PauseIf your mail server is down for planned or unplanned reasons, we continue to accept inbound mail. A message is held in the delivery queue, and we will attempt to deliver to the mail server based on the email delivery schedule. Once your mail server is back online, you can wait for the message to be delivered according to the schedule, or manually retry the messages held in your delivery queue. We will attempt to deliver mail for up to 30 attempts, over a period of 6320 minutes (four days). If the outage is longer than this, we will issue a Non Delivery Report (NDR) to the email sender. If you're expecting to have an outage for longer than four days, it is possible to pause inbound mail delivery for an indefinite period of time. This can be done in using this option, or via your Your Mimecast Account Settings.
    Start DateIf the "Pause" option is selected, specify a date you want the delivery of inbound mail to be paused.
    Expiry DateIf the "Pause" option is selected, specify a date you want the delivery of inbound mail to stop being paused. You can use the Set to Eternal button to set the date to eternity. You can also use the Expire Now button to end the pause immediately.
  8. Complete the Alternate Routes section as follows:
    FieldDescription
    Alternate RouteWe will always attempt to deliver messages to the primary route as specified in the Host Name field. In the event that the primary route is unavailable, alternate routes can also be specified. We will try the alternative routes in the order specified. Use the drop down menu to select other delivery route definitions that have been saved.
  9. Complete the Optional SMTP Authentication Settings as follows:
    We recommend you select the mechanism that your email server supports natively first. If the selected authentication mechanism is not successful, the next in the list is attempted.
    Field / OptionDescription
    Enable SMTP AuthenticationSome organizations require SMTP authentication before we are allowed to deliver messages to their servers, which helps to increase the security measures for safe delivery. The following authentication mechanisms are supported:
    MechanismDescription
    NTLMThe standard used by Microsoft Exchange.
    Digest_Md5Uses RSA Data Security Inc.'s MD5 Message Digest algorithm
    Cram_Md5The CRAM-MD5 authentication method has been superseded by the DIGEST-MD5 method in terms of security. It is still provided here for compatibility with older SMTP servers that may not support the newer DIGEST-MD5 algorithm.
    PlainThe user name and password are sent unencrypted as per RFC 4616 stand. The username (for authorization), User Name (for authentication) and password. The three strings are grouped in a single string and base64 encoded.
    LoginIn the LOGIN authentication like in the PLAIN authentication, the username and password unencrypted but encoded in Base64. In contrast to the PLAIN authentication the two strings are transmitted in two steps.
    Authentication MechanismsThe available mechanisms are listed on the left, with the selected mechanisms on the right. Select a mechanism from a list and use the Add or Remove button to add it to the required list. Multiple mechanisms can be enabled, and will be utilized in the order of the list. Select a mechanism from a list and use the Up or Down button to change their order of preference.
    UsernameSpecify the domain's username.
    PasswordSpecify the domain's password.
    DomainSpecify the domain.
  10. Click on the Save and Exit button.

 

Removing a Delivery Route Definition

 

Consider the following before removing a Delivery Route definition:

  • You cannot remove a delivery route if:
    • The route is referenced by a policy.
    • A message has been processed by us, but hasn't been archived. For example, a held, accepted, or delayed message.
  • The definition is considered in use until all messages that apply to the delivery route policy has been delivered. If an attempt is made to remove the definition, the following error is displayed:

"Unable to Delete - Definition is still in use by non-archived items. Please consider disabling the Policy for now so that you can delete it at a later stage."

 

To remove an existing Delivery Route:

  1. Right click one of the routes from the list.
  2. Click on Remove Route menu item. 

 

Configuring a Delivery Route Policy

 

To configure a Delivery Route policy:

  1. Log on to the Administration Console.
  2. Click on the Administration menu item. A menu drop down is displayed.
  3. Click on the Gateway | Policies menu item.
  4. Click on Delivery Routing. A list of policies is displayed.
  5. Either select the:
    • Policy to be changed.
    • New Policy button to create a policy.
  6. Complete the Options section as required:
    Option / OptionDescription
    Policy NarrativeProvide a description for the policy to allow you to easily identify it in future.
    Select RouteSelect a delivery route definition for the policy.
  7. Complete the Emails From and Emails To sections as required:
    Field / OptionDescription
    Addresses Based OnSpecify the email address characteristics the policy is based on. This option is only available in the "Emails From" section. The options are:
    OptionDescription
    The Return Address (Mail Envelope From)This default setting applies the policy to the SMTP address match, based on the message's envelope or true address (i.e. the address used during SMTP transmission).
    The Message From Address (Message Header From)Applies the policy based on the masked address used in the message's header.
    BothApplies the policy based on either the Mail Envelope From or the Message Header From whichever matches. When both match, the specified value the Message Header From will be used.
    Applies From / ToSpecify the Sender characteristics the policy is based on. For multiple policies, you should apply them from the most to least specific. The options are:
    OptionDescription
    EveryoneIncludes all email users (i.e. internal and external). This option is only available in the "Emails From" section.
    Internal AddressIncludes only internal organization addresses.
    External AddressIncludes only external organization addresses. This option is only available in the "Emails From" section.
    Email DomainEnables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
    Address GroupsEnables you to specify a directory or local group. If this option is selected, click on the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
    Address AttributesEnables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
    Individual Email AddressEnables you to specify an SMTP address. The email address is entered in the Specifically field.
  8. Complete the Validity section as required:
    Field / OptionDescription
    Enable / DisableUse this option to enable (default) or disable a policy. Disabling the policy allows you to prevent it from being applied without having to delete or back date it. Should the policy's configured date range be reached, the it is automatically disabled.
    Set Policy as PerpetualSpecifies that the policy's start and end dates are set to "Eternal", meaning the policy never expires.
    Date RangeSpecify a start and end date for the policy. This automatically deselects the "Eternal" option.
    Policy OverrideSelect this option to override the default order that policies are applied. If there are multiple applicable policies, this policy is applied first unless more specific policies of the same type have also been configured with an override.
    Bi-DirectionalIf selected, the policy also applies when the policy's recipient is the sender and the sender is the recipient.
    Source IP Ranges (n.n.n.n/x)Enter any required Source IP Ranges for the policy. These only apply if the source IP address used to transmit the message data, falls inside or matches the range(s) configured. IP ranges should be entered in CIDR notation.
  9. Click on the Save and Exit button.

Testing Delivery Routes

 

We provides the ability to test connectivity to your mail server, ensuring that messages are successfully delivered via the configured Delivery Route. To test Delivery Routes:

  1. Configure the Delivery Route Definition and Policy as described above.
  2. Click the Test Connection button in the toolbar.
  3. Monitor inbound mail using the Delivery Queue to ensure that delivery is successful.
  4. Once mail has been delivered, the Delivery Route used for specific messages can be checked in Accepted Email or Archive Search results, using the receipt / delivery view.

 

See Also...

 

Attachments

    Outcomes