Configuring an Impersonation Protection Bypass Policy

Document created by user.KZrHBaK4Vn Expert on Feb 20, 2016Last modified by user.oxriBaJeN4 on Jan 11, 2018
Version 21Show Document
  • View in full screen mode

This guide describes how you can exclude specific senders or recipients from an Impersonation Protection policy, by creating an Impersonation Protect Bypass policy. For example, if Targeted Threat Protection - Impersonation Protect is enabled for messages sent from everyone to all internal recipients, but you want a specific team to be exempt.

 

Configuring an Impersonation Protection Bypass Policy

 

To configure an Impersonation Protection Bypass policy:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar button. A menu drop down is displayed.
  3. Click on the Gateway | Policies menu item. The Gateway Policy Editor is displayed.
    If you don't see this menu item, your Mimecast account does not have the required permissions. Contact your administrator for assistance.
  4. Click on the Impersonation Protection Bypass record. Any existing policies are listed.
  5. Either:
    • Click the New Policy button to create a policy.
    • Click on the policy to be changed.
  6. Complete the Options section as required:
    Field / OptionDescription
    Policy NarrativeProvide a description of the bypass policy to enable you to identify it. This is appended to emails in the archive that have the policy applied.
    Select Option

    Click on the Lookup button to display a list of Impersonation Protection definitions. Click on the Select link to the left of the definition to be applied when this policy is triggered.

    Preview

    This field is only displayed once a definition is selected in the "Select Option" field. Click on the preview definition icon icon to display a read only version of the definition. Click on the Go Back button to return to the policy.

  7. Complete the Emails From section as required:
    Field / OptionDescription
    Addresses Based On

    Specify the email address characteristics the policy is based on. The options are:

    OptionDescription
    Return Address (Mail Envelope From)Applies the policy to the SMTP address match, based on the email's envelope or true address (i.e. the address used during SMTP transmission).
    Message From Address (Message Header From)Applies the policy based on the masked address used in the message's header.
    BothApplies the policy to both the Mail Envelope and Message Header From addresses. This is the default setting for Impersonation Protection policies.

    Impersonation Protection Bypass policies can be applied to bypass specific checks. 

    Applies From

    Specify the Sender characteristics the policy is based on. For multiple policies, you should apply them from the most to least specific. The options are:

    OptionDescription
    Freemail DomainsIncludes sender domains that are present on a Mimecast managed list of freemail domains.
    Header Display NameOnly available when the “Address Based On” option has been set to “The Message From Address (Message Header From)” or “Both”. Provides the option to specify one Header Display Name in the Specifically field.
    External AddressesIncludes only external organization addresses.
    Email DomainEnables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
    Address GroupsEnables you to specify a directory or local group. If this option is selected, click on the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
    Address AttributesEnables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
    Individual Email AddressEnables you to specify an SMTP address. The email address is entered in the Specifically field.
  8. Complete the Emails To section as required:
    Field / OptionDescription
    Applies To

    Specify the Sender characteristics the policy is based on. For multiple policies, you should apply them from the most to least specific. The options are:

    OptionDescription
    Internal DomainsIncludes only internal domains.
    Email DomainEnables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
    Address GroupsEnables you to specify a directory or local group. If this option is selected, click on the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
    Address AttributesEnables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
    Individual Email AddressEnables you to specify an SMTP address. The email address is entered in the Specifically field.
  9. Complete the Validity section as required: 
    Field / OptionDescription
    Enable / DisableUse this option to enable or disable the policy.
    Set Policy as PerpetualClick the "Always On" button to set the policy's start and end dates to "All Time", meaning it never expires.
    Date RangeUse this option to override the "Set Policy as Perpetual" option and set a time period for the policy's activity. Click in the field to display a calendar, specify the required start and end date, and click the "Apply" button. Leave the "Eternal" option selected if you don't wish to specify a start or end date.
    Policy OverrideSelect this option to override the default order that policies are applied. If there are multiple applicable policies, this policy is applied first unless more specific policies of the same type have also been configured with an override.
    Bi-DirectionalUse this setting if you want the policy to apply when a recipient is the sender and the sender is the recipient.
    Source IP Ranges (n.n.n.n/x)Specify any required source IP ranges for the policy. These only apply if the source IP address used to transmit the email data falls inside, or matches, the range(s) configured. IP ranges should be entered in CIDR notation.
  10. Click on the Save and Exit button.
    It can take up to ten minutes for the bypass policy to be applied after saving it.

See also...

 

Attachments

    Outcomes