Spam Scanning Policies

Document created by user.oxriBaJeN4 Employee on Sep 12, 2015Last modified by user.oxriBaJeN4 Employee on Mar 27, 2017
Version 9Show Document
  • View in full screen mode

As part of the inbound email security checks, Mimecast uses multiple content based heuristic scanning engines. These engines examine the content of emails and look for key phrases and other identifiers commonly used by spammers. These include content-matching rules, and also DNS-based, checksum-based and statistical filtering definitions.

An email with a high enough spam score will be rejected in protocol and logged in the Rejection Viewer.


The aim of Mimecast’s initial layers of defense is to reject unwanted spam and malware emails in protocol. However, there are occasions where Mimecast cannot determine if an email is wanted by the end user of not, such as promotional notifications, newsletters or advertisements. The Mimecast Administrator can then configure spam scanning to check the content of all inbound emails. Spam Scanning can be configured to apply to different levels of sensitivity and actions, should the Policy be triggered.


If an email address, domain name or IP address is added as a Permitted Sender, either on the customer account or globally, the inbound email will always bypass these content based spam checks (but virus scanning will still apply).


If the DNS Authentication Policy applies to the email and the Permitted Sender fails the DNS checks (such as SPF), the email will still be subjected to spam scanning.

What you need

  • An Administrator Console logon with access to the Administration | Gateway | Policies menu item.
  • A previously configured Spam Scanning definition.


Creating a policy


To create a policy, follow the instructions in the Creating / Changing a Policy article, but using the following options:


Policy NarrativeProvide a description for the Policy to allow you to easily identify it in the future.
Select Message Scan Definition

Use the Lookup button to select the required Message Scanning definition for the policy.

Definition required?