Your Mimecast Account Settings

Document created by user.oxriBaJeN4 Employee on Sep 16, 2015Last modified by user.oxriBaJeN4 Employee on Jul 25, 2019
Version 25Show Document
  • View in full screen mode

Your account's settings contain information about your account (e.g. your archive retention period, the number of licensed users, the Mimecast Service you've purchased). There are also some configurable settings. Some of these can only be amended by Mimecast Support, and are typically configured when your account is initially created.


Accessing Account Settings


To access your account settings:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar button. A menu drop down is displayed.
  3. Click on the Account | Account Settings menu item.


The Account Settings dialog is separated into groups of options using a collapsible / expandable menu. As you click on one of the menu items, it expands and collapses the current menu. The menu groups are:

Menu groupDescription
Account SettingsLicense and retention details regarding your Mimecast account. The menu is displayed by default.
Directory OptionsDetermines if LDAP integration is enabled.
User Access and PermissionsConfigure global access for users and timeout for Administration Console sessions.
System Notification OptionsSpecify certain notification addresses.
Account ContactAccount contact details.
Password Complexity and ExpirationControl password complexity, expiration and account lockout for Mimecast Cloud passwords.
Enhanced Logging


Account Settings


This section displays settings specific to your Mimecast account. They are grayed out, as they are configured when the account is initially created by Mimecast Support. The options are detailed below:

Additional fields / options are available if you've Advanced Account Administration Differences enabled.

Field / OptionDescription
Account NameThe name for your Mimecast account. This is usually your organization's name.
Mimecast IDThe ID of your Mimecast account. This is to be used for interactions with Mimecast Service Delivery.
Account CodeA unique identifier for your Mimecast account.
Database CodeA reference for the database instances of your Mimecast account.
Account StatusDisplays if the account is enabled or disabled. Accounts will only be disabled if your service has been terminated. Contact your Mimecast Account Manager if this is the case.
Maximum Retention (Days)

Specifies the maximum number of days that messages will be retained in the archive. This setting cannot be increased by administrators, but it can be reduced for retention of specific messages.

Maximum Retention ValidatedSpecifies that the Maximum Retention (Days) value has been approved by a user with Super Administrator, Full Administrator, or Partner Administrator permissions.
Number of UsersDisplays the number of licensed users for the account, regardless of the number of email addresses used.
Pause Inbound Deliveries

Enabling this option allows you to globally halt Mimecast from sending emails to your mail server(s). You may need this if your mail server(s) is temporarily unable to accept emails due to an unplanned outage, software updates, geographical event, or server relocation. Emails are still accessible through Mimecast User Services while they are paused.

Should only a specific region be undergoing a geographical event our outage, it may be better to pause only the specific Delivery Route to that location.

When this field is disabled, Mimecast will connect with your mail server(s), and send through all messages that have been queued. Messages will not be sent through in one complete block, but instead will be slowly filtered through to the mail server so as not to cause excessive load. When using this option, ensure that you are able to monitor your delivery queues.

Warning Message After (Attempts)This allows customers to modify their email delivery warning notifications. By default, these notifications are delivered to senders after 60 minutes or six retry attempts, whichever comes first.
Bounce Message After (Attempts)This allows customers to modify their message bounce notifications. By default, these soft bounce notifications are delivered to senders after 96 hours (four days) or 30 retry attempts, whichever comes first.


Directory Options


Field / OptionOption
Automatically Link Aliases

When enabled, on the next Directory Synchronization, the Mimecast Service automatically links the alias addresses found in your directory to their primary addresses. This ensures that when end users log onto the Mimecast Personal Portal using their primary address, they can view all messages sent to their primary and alias addresses.

If enabled, directory synchronized user accounts are automatically disabled when the user profile is disabled or removed from the network directory.  If disabled, the user account must be disabled manually.
Clear All AliasesUse this option to remove all alias links that have been set on the account in the past. This includes alias links that have been manually created next to those that have been created automatically via the "Automatically Link Aliases" option.


User Access and Permissions


Field / OptionDescription
Administration Console TimeoutSpecify a timeout period, after which users are automatically logged off if they've been inactive for that period. 
Allow Weak Ciphers for Secure ReceiptIf selected, the use of weak ciphers is allowed for Secure Receipt (i.e. when the Mimecast MTA receives a connection request from a remote server) during the TLS handshake.
Send BCC to Mail ServerWhen sending email via Mimecast for Outlook, Mimecast Personal Portal, or Mimecast Mobile, the platform automatically adds the sender's email address into the BCC field. This ensures a copy of the message is routed back to your local infrastructure. By default, this option is enabled.
SMTP Submission Override

Allows the use of SMTP email submission through any mail enabled application.

This option can only be enabled by Mimecast Support.
POP Services OverrideAbility to receive email via POP3 through any mail enabled application.
Force Mimecast Personal Portal v3

Directs all users to use Mimecast Personal Portal v3.

This setting is not available to customers running Closed Circuit Messaging (CCM).
Display Sender Avatar to External UsersIf you use Directory Synchronization, Mimecast can retrieve images associated with the user's email address. With this option enabled, these images can be displayed as user avatars in Mimecast solutions (e.g. Secure Messaging).
Admin IP Ranges

You can restrict those who can log on to the Administration Console to specific IP addresses and / or ranges. Anyone attempting to log on with an IP address not stipulated here, or outside of the range specified, is refused access. The IP ranges are respected when logging directly into the account. These restrictions are not applied to external administrators that log in to the account from the Managed Service Provider (MSP) Portal.

Content Administrators Default View

Select the default view for all Administrators with content permissions. This setting excludes items viewed via the Attachments, Held Messages sections. By default these sections are available to all administrators with access to these sections. The options are:

  • Content: The administrator is presented with the content of the items they open after which they can toggle to the metadata.
  • Metadata: The administrator is presented with the metadata of the items they open after which they can toggle to the content.
Targeted Threat Protection AuthenticationSets a period after which a user's device must be reauthenticated, if there has been no user interaction with Targeted Threat Protection - Attachment Protect.
Authentication Duration (Days)This option only displays when "Targeted Threat Protection Authentication" has been enabled. Specify the number of days after which a user's device must be re-authenticated, if there has been no Targeted Threat Protection - Attachment Protect activity.
Security PassphraseThis option is used to provide additional security options to confirm a caller’s identity. Once details have been confirmed Mimecast will update Administrators accordingly.


Mimecast provides several ways to assign user permissions:

  • Configured for the entire organization using an Application Settings definition.
  • Configured manually at the individual email level.
  • Imported in bulk using a spreadsheet import.


System Notification


Field / OptionDescription
SMS Attribute

Specifies the Active Directory or Mimecast attribute that identifies the mobile phone number of users. When sending an SMS to a user, we use the number associated with this attribute.

Notification Postmaster Address

Specifies the email address to which all user notifications are sent. A postmaster address is created by default in the internal domains and is selected by default. Whilst this address cannot be deleted, a different email address can be used by clicking the "Lookup" button.

Privileged Access Notifications

Specifies the email address to which all notifications are sent when an archive search is performed by an administrator. A different email address can be used by clicking the "Lookup" button.

Enforce Archive Search ReasonIf selected, administrators are required to provide a search reason when performing an archive search. The search reason entered is mentioned on the Privileged Access Notifications, as well as in the appropriate search logs.
Send Notifications When Export Block is CompleteEnables automatic email notifications when exports are requested.


Account Contact


The Account Contact details are used by Mimecast to alert administrators about Mimecast services. For this reason, it is important these details are kept up to date.

Field / OptionDescription
Contact Name

Your name.


Your telephone number. The number must start with "+" followed by the country code and the number minus the first "0" (e.g. +4412345678901).

Emergency SMS NumbersYour mobile (cell) phone number. The number must start with "+" followed by the country code and the SMS number minus the first "0". Multiple entries are allowed by comma separating them (e.g. +441734567890, +11734567895).
Email AddressYour primary email address.
CC Email AddressesAlternate email addresses. Multiple email addresses can be added separated by a comma (, This ensures that notifications are communicated to a wider group.


Password Complexity and Expiration


These settings apply to Mimecast user accounts, and therefore only affect cloud passwords, not Active Directory accounts and passwords.

These settings also apply to external CCM users.

Password Complexity


The strength of a password is a function of length and complexity. Mimecast enforces a minimum length of 8 characters for added security of Mimecast Cloud passwords. The settings can be configured in any combination to ensure that users' passwords are as secure as possible.

Mimecast cloud passwords cannot contain the forbidden words "mimecast" or "password". See the  Configuring Password Complexity and Expiration page for more information.

Password Expiry and Lock


The account lockout setting cannot be disabled. The Administrator can configure custom settings, or the Mimecast default system settings will be applied (e.g. after five consecutive unsuccessful log on attempts, the account is locked for 15 minutes.


Enhanced Logging


If you are using a SIEM, Splunk or any other data analytics platform, you can enable additional logging of email transactions on your account. These logs are available using the Mimecast Data Logging API. For more information on this feature please see these guides:



These additional settings do not impact the current Reporting features available in the Administration Console and are only available using an API integration.

6 people found this helpful