Customer Service Report: Understanding the Headline Statistics

Document created by user.oxriBaJeN4 Employee on Dec 20, 2018Last modified by user.oxriBaJeN4 Employee on Apr 2, 2019
Version 5Show Document
  • View in full screen mode

This guide provides an overview of the Customer Service Report created for your account by Mimecast at the end of each reporting period. The report is available for one week from Monday to Sunday, and over each calendar month. The image below shows values for an example account, with data taken from 1 November, 2018 to 1 December, 2018 inclusive.

 

Headline Statistics

 

Email Overview

 

Total Inbound Messages

 

The number of messages accepted by Mimecast MTA for onward processing on behalf of an internal recipient. When Mimecast processes inbound mail, checks and scans are performed to ensure only legitimate messages pass through. Emails that pass all these checks will be accepted and moved to the Delivery Queue for final delivery to the recipient’s mail server.

 

If a message is addressed to multiple recipients, each accepted recipient counts +1 to this report. The number shown does not indicate the final delivery count to the recipient’s mail server.

 

Inbound Malware Detected

 

The number of inbound messages with malware detected by Mimecast scanners. The different types of malware detected is already known by Mimecast and is rejected at the gateway. Any 'unknown’ malware is sent to the sandbox for further analysis. Administrators can view malware rejection information in the Administration Console under Monitoring | Rejections. The number of inbound messages with malware detected. 

 

Inbound Rejection

 

This value displays as a % of total Inbound mail, with a breakdown by reason provided further in the report. The reasons include connection attempts, blocklists, reputation-based rejections, virus signatures, and messages destined to a non-existent recipient, with each instance counted once per recipient. Administrators can view rejection information in the Administration Console under Monitoring | Rejections.

 

Total Outbound Messages

 

The number of messages sent from internal users through Mimecast MTA for onward processing to the external recipient. When Mimecast processes outbound mail, checks and scans are implemented to safeguard email transmissions. Messages that pass all these checks are moved to the Delivery Queue for final delivery to the external recipient’s mail server.

If a message is addressed to multiple recipients, each accepted recipient counts +1 to this report.

Outbound Malware Detected

 

The number of outbound messages with malware detected. Each instance is counted once per recipient.

Investigation into outbound malware reporting has shown that these instances are often a result of archive/journal processing. To fine tune the accuracy of these numbers going forward, we're planning to ensure journaling/archiving is removed from the final count.

Outbound Rejection

 

The value displays as a % of total Outbound email, with a breakdown by reason provided further in the report. The reasons include connection attempts, temporary failures, or messages destined to a non-existent recipient, with each instance counted once per recipient. Administrators can view rejection information in the Administration Console under Monitoring | Rejections.

 

User Activity

 

User Device Pairs

 

The number of users accessing one of Mimecast's mobile, desktop, or continuity services. A user can use multiple clients (e.g. Mimecast for Outlook and Mimecast for Mobile iOS / Android), with each unique combination of user and client counting as +1 for each reporting day.

 

Searches

 

Displays the number of searches for all users across all device types.

 

Targeted Threat Protection

 

URL Protect

 

The number of URL’s clicked from Inbound mail during the reporting period, including a display of the ratio of safe vs unsafe URL’s clicked. The behaviors are dependent on the settings configured in the URL Protection definition in your Mimecast account. View the URL Protection definitions and policies page for further details.

 

Impersonation Protect

 

The number of potential impersonation attacks detected. These are triggered by at least one Impersonation Protection policy configured in your account. View the Impersonation Protection definitions and policies page for more information.

 

Attachment Protect

 

The number of file attachments sent to the sandbox during the email delivery process, displaying a split of the amount found to be unsafe. Policies for the different attachment scenarios requires a configured definition that sets the conditions under which an attachment is considered safe or unsafe. View the Attachment Protection definitions and policies guide for details.

Attachments

    Outcomes