Mimecast Allowlisting
A Step-by-Step Guide for Prventi Customers
At Prventi, we’re committed to helping you strengthen your organization’s cybersecurity through our security awareness training and simulated phishing tests. If your organization uses Mimecast as its email security solution, allowlisting Prventi is essential to ensure our simulated phishing emails and training notifications reach your users’ inboxes without being blocked or filtered.
This guide provides detailed instructions for configuring Mimecast policies to allow Prventi’s phishing simulations to function effectively. We’ve organized the steps in a recommended order to maximize success. If you encounter any issues, feel free to contact Prventi Support or consult Mimecast’s documentation for additional guidance.
Step 1: Create an Anti-Spoofing Policy Bypass
Purpose: This policy allows Prventi to send simulated phishing emails that appear to come from your own domain (e.g., for spear-phishing simulations), bypassing Mimecast’s anti-spoofing protections.
Log in to Mimecast: Access your Mimecast Administration Console.
Navigate to Policies: Click the Administration toolbar button, then select Gateway | Policies.
Select Anti-Spoofing Policy: From the list of policies, choose Anti-Spoofing Bypass and click New Policy.
Configure Settings:
Options: Choose the appropriate anti-spoofing bypass settings (refer to Mimecast’s Configuring an Anti-Spoofing Policy guide for details).
Emails From: Set to External (to allow Prventi’s external servers).
Emails To: Set to Internal Users (or your specific domain).
Validity: Ensure the policy is enabled and set an appropriate time frame (e.g., ongoing).
Override the Policy: Check the Policy Override box.
Enter Source IP Ranges: In the Source IP Ranges field, input Prventi’s IP ranges. Contact Prventi Support for the most up-to-date list of our IP addresses.
Save the Policy: Click Save to activate the policy.
Tip: After saving, send a test phishing email to yourself or a small group to confirm it reaches the inbox as expected.
Step 2: Set Up a Permitted Senders Policy
Purpose: This policy ensures Prventi’s phishing and training-related emails are permitted through Mimecast’s filters, avoiding spam or junk folders.
Create a new Permitted Senders policy; do not edit the default policy.
Access Policies: In the Mimecast Administration Console, go to Gateway | Policies.
Create a New Policy: Select Permitted Senders from the policy list and click New Policy.
Configure Settings:
Options: Select settings to permit sender emails (see Mimecast’s Configuring a Permitted Senders Policy for specifics).
Emails From: Set to External.
Emails To: Set to Internal Users.
Validity: Enable the policy and set the desired duration.
Override the Policy: Check the Policy Override box.
Add Source IP Ranges: Enter Prventi’s IP ranges in the Source IP Ranges field (available from Prventi Support).
Save the Policy: Click Save to apply the changes.
Tip: Test this policy with a small campaign to verify that emails arrive without interference.
Step 3: Configure an Attachment Management Bypass Policy
Purpose: If your phishing simulations include attachments (e.g., fake PDFs or documents), this policy prevents Mimecast from stripping them, ensuring accurate test results.
Go to Policies: In the Mimecast Administration Console, select Gateway | Policies.
Choose Attachment Policy: Select Attachment Management Bypass from the list and click New Policy.
Set Policy Details:
Options: Adjust settings to bypass attachment filtering (refer to Mimecast’s Configuring Attachment Management Bypass Policies).
Emails From: Set to External.
Emails To: Set to Internal Users.
Validity: Enable the policy as needed.
Override the Policy: Check the Policy Override box.
Input Source IP Ranges: Add Prventi’s IP ranges in the Source IP Ranges field.
Save the Policy: Click Save to finalize.
Tip: Send a test email with an attachment to confirm it arrives intact. Stripped attachments can skew your phishing test results.
Step 4: Optional – Prevent URL Rewriting (If Needed)
Purpose: Mimecast may rewrite URLs in emails, which can break phishing simulation links. This step ensures Prventi’s links remain functional.
Navigate to URL Policies: In the Mimecast Administration Console, go to Gateway | Policies.
Select URL Protection Bypass: Choose URL Protection Bypass and click New Policy.
Configure Settings:
Set to bypass URL rewriting for Prventi’s domains or IPs.
Contact Prventi Support for our specific domains if needed.
Save the Policy: Apply and test to ensure links work as intended.
Note: This step is optional and depends on whether URL rewriting affects your tests.
Testing Your Configuration
Once you’ve set up these policies, we recommend running a small test campaign:
Create a phishing simulation in your Prventi dashboard targeting yourself or a select group.
Verify that emails arrive in inboxes, attachments remain intact, and links function correctly.
Adjust policies as needed based on the results.
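The checks listed above can also be run against a delivered test message saved as an .eml file. The script below is an added example, not code from Prventi or Mimecast. The IP range, simulation domain, function names and sample message are constructed placeholders; substitute the values supplied by Prventi Support.

```python
import ipaddress
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Placeholders (assumptions): replace with the values Prventi Support provides.
ALLOWED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
SIM_DOMAINS = {"training.example.com"}

# Constructed sample of a delivered test message (not real traffic).
SAMPLE_EML = """\
Received: from out.sim.example ([203.0.113.25]) by mx.gateway.example
From: it-support@yourcompany.example
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<a href="https://training.example.com/t/abc123">Review invoice</a>
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

def in_allowed_range(ip):
    try:
        return any(ipaddress.ip_address(ip) in net for net in ALLOWED_RANGES)
    except ValueError:  # bracketed text that is not a valid IPv4 address
        return False

def check_delivery(raw, expected_attachments):
    """Report what the gateway changed in a delivered simulation message."""
    msg = message_from_string(raw, policy=policy.default)
    # Hops recorded before the gateway are sender-supplied: config check only.
    hops = re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", " ".join(msg.get_all("Received", [])))
    text = "".join(p.get_content() for p in msg.walk()
                   if p.get_content_maintype() == "text")
    hosts = {urlparse(u).hostname for u in re.findall(r"https?://[^\s\"'<>]+", text)} - {None}
    names = {a.get_filename() for a in msg.iter_attachments()}
    return {
        "sender_ip_in_allowed_range": any(in_allowed_range(ip) for ip in hops),
        "unexpected_link_hosts": sorted(hosts - SIM_DOMAINS),
        "missing_attachments": sorted(set(expected_attachments) - names),
    }
```

A non-empty unexpected_link_hosts list points to URL rewriting (Step 4), and a non-empty missing_attachments list points to attachment stripping (Step 3).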