Policies - Message Sanitization Bypass

Updated September 15, 2025 08:09

This article explains how to configure the Message Sanitization Bypass policy. The Message Sanitization Bypass policy can be used to bypass character sets (charsets) and encoding changes in messages.

Configuring a Message Sanitization Bypass Policy

You can configure a Message Sanitization Bypass policy, by using the following steps:

Log in to the Mimecast Administration Console.
Navigate to Policies | Gateway Policies.
Click on Message Sanitization Bypass.
Either select the:

- Policy to be changed.
- New Policy button to create a policy.

Complete the Options section as required:

Field / Option	Description
Policy Narrative	Provide a description for the policy to allow you to easily identify it in the future.
Select Option	Select from the following options: Basic Sanitization: Prevents alterations to the message's character set and email data. Applying Basic Sanitization within a Bypass policy is different from what normal sanitization does by default, because it will perform only the encoding changes (will encode texts in quoted-printable and rest in base64). Disable Message Sanitization: Disables the function completely, ensuring the policy is not altered no matter what has been declared (i.e., the character set). Take no action: Applies no action to the policy and will make the encoding changes from basic as well as additionally change charsets as mentioned in the text above.

Field / Option

Description

Policy Narrative

Provide a description for the policy to allow you to easily identify it in the future.

Select Option

Select from the following options:

Basic Sanitization: Prevents alterations to the message's character set and email data.

Applying Basic Sanitization within a Bypass policy is different from what normal sanitization does by default, because it will perform only the encoding changes (will encode texts in quoted-printable and rest in base64).

Disable Message Sanitization: Disables the function completely, ensuring the policy is not altered no matter what has been declared (i.e., the character set).
Take no action: Applies no action to the policy and will make the encoding changes from basic as well as additionally change charsets as mentioned in the text above.

Complete the Emails From and Emails To sections as required:

Field / Option	Description
Addresses Based On	Specify the email address characteristics on which the policy is based. This option is only available in the "Emails From" section: The Return Address: This default setting applies the policy to the SMTP address match, based on the message's envelope or true address (i.e., the address used during SMTP transmission).
Applies From / To	Specify the Sender characteristics that the policy is based on. For multiple policies, you should apply them from the most to the least specific. The options are: Everyone: Includes all email users (i.e., internal and external). This option is only available in the "Emails From" section. Internal Address: Includes only internal organization addresses. External Address: Includes only external organization addresses. This option is only available in the "Emails From" section. Email Domain: Enables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field. Address Groups: Enables you to specify a directory or local group. If this option is selected, click on the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path. Address Attributes: Enables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop-down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts. Individual Email Address: Enables you to specify an SMTP address. The email address is entered in the Specifically field.

Field / Option

Description

Addresses Based On

Specify the email address characteristics on which the policy is based. This option is only available in the "Emails From" section:

The Return Address: This default setting applies the policy to the SMTP address match, based on the message's envelope or true address (i.e., the address used during SMTP transmission).

Applies From / To

Specify the Sender characteristics that the policy is based on. For multiple policies, you should apply them from the most to the least specific. The options are:

Everyone: Includes all email users (i.e., internal and external). This option is only available in the "Emails From" section.
Internal Address: Includes only internal organization addresses.
External Address: Includes only external organization addresses. This option is only available in the "Emails From" section.
Email Domain: Enables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
Address Groups: Enables you to specify a directory or local group. If this option is selected, click on the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
Address Attributes: Enables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop-down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
Individual Email Address: Enables you to specify an SMTP address. The email address is entered in the Specifically field.

Complete the Validity section as required:

Field / Option	Description
Enable / Disable	Use this to enable (default) or disable a policy. If a date range has been specified, the policy will automatically be disabled when the end of the configured date range is reached.
Set Policy as Perpetual	If the policy's date range has no end date, this field displays "Always On" meaning that the policy never expires.
Date Range	Use this field to specify a start and/or end date for the policy. If the Eternal option is selected, no date is required.
Policy Override	This overrides the default order that policies are applied. If there are multiple applicable policies, this policy is applied first unless more specific policies of the same type are configured with an override.
Bi-Directional	If selected, the policy is applied when the policy's recipient is the sender, and the sender is the recipient.
Source IP Ranges (n.n.n.n/x)	Enter any required Source IP Ranges for the policy. These only apply if the source IP address used to transmit the message data falls inside or matches the range(s) configured. IP ranges should be entered in CIDR notation.

Click on the Save and Exit button.

Policies - Message Sanitization Bypass

Configuring a Message Sanitization Bypass Policy

See Also...

Related to

Comments