Policies - Configuring Blocked Sender Policies

Updated

A Blocked Senders policy restricts messages to or from specific email addresses or domains. It can apply to inbound or outbound messages, although it is typically used to block inbound messages.

View the Policy Specificity page for more information regarding the order in which Mimecast applies policies to emails.

Usage Considerations

Consider the following before creating a policy:

  • Messages from blocked senders are rejected and logged in the Rejections Viewer. For further details, see the Email Security Cloud Gateway - Rejected and Deferred Messages page.
  • Blocked Senders policies override any configured Permitted Senders policies.
  • Blocked Senders policies override addresses allowed by individual users. For example, messages from a domain added to a user's permitted senders list AND a Blocked Senders policy are rejected. The following default Block Sender policies are created during your Mimecast account creation and cannot be changed by administrators:
        • An External to External Block Sender policy prevents senders from using your mail server as an open relay. For example, we only accept messages from addresses belonging to your internal domains. Additional External to External Blocked Sender policy cannot be created.
        • An exception policy with the option set to "Take no action." This allows addresses/domains to be known to your company and relayed via your mail server. For example, a staff member has left your organization, but their email address is being forwarded to a different email address.
        • An inbound Blocked Senders policy that references an empty group. You can populate this group by manually adding email addresses/domains or importing a spreadsheet file. See the Importing Users via a Spreadsheet page for full details.

Configuring a Blocked Senders Policy

To configure a Blocked Senders policy:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Policies | Gateway Policies.
  3. Select Blocked Senders. A list of policies is displayed.
  4. Either select the: 
        • Policy to be changed.
        • New Policy button to create a policy.
  1. Complete the Options section as required:
Option Description
Policy Narrative Enter a description for the policy to allow you to identify it.
Blocked Senders Policy Select whether to block the sender or take no action.
  1. Complete the Emails From and Emails To sections as required:
Field/Option Description
Addresses Based On Specify the email address characteristics the policy is based on. This option is only available in the "Emails From" section. The options are:
  • The Return Address (Mail Envelope From): This default setting applies the policy to the SMTP address match based on the message's envelope or true address (i.e., the address used during SMTP transmission).
  • The Message From Address (Message Header From): This policy applies based on the masked address used in the message's header.
  • Both: Applies the policy based on the Mail Envelope From or the Message Header From, whichever matches. If both match, the specified value of the Message Header From is used.
Applies From / To Specify the sender characteristics the policy is based on. You should apply multiple policies from the most to least specific. The options are:
  • Everyone: Includes all internal and external users. This option is only available in the "Emails From" section.
  • Internal Address: Includes only internal addresses.
  • External Address: Includes only external addresses. This option is only available in the "Emails From" section.
  • Email Domain: This enables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
  • Address Groups: This enables you to specify a directory or local group. If this option is selected, click the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
  • Address Attributes: This enables you to specify a predefined attribute. The attribute is selected from the Where Attribute drop-down list. Once the attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
  • Individual Email Address: This enables you to specify an SMTP address. The email address is entered in the Specifically field.
  1. Complete the Validity section as required:
Field/ Option Description
Enable / Disable Enables (default) or disables the policy. If a date range is specified, the policy is automatically disabled when the end of the date range is reached.
Set Policy as Perpetual If the policy's date range has no end date, this field displays "Always On," meaning the policy never expires.
Date Range Specify a start and/or end date for the policy. If Eternal is selected, no date is required.
Policy Override This overrides the default order that policies are applied. If there are multiple applicable policies, this policy is applied first unless more specific policies of the same type are configured with an override.
Bi-Directional If selected, the policy is applied when the policy's recipient is the sender and the sender is the recipient.
Source IP Ranges (n.n.n.n/x) Enter any required Source IP Ranges for the policy. These only apply if the source IP address used to transmit the message data falls inside or matches the range(s) configured. IP ranges should be entered in CIDR notation.
  1. Select the Save and Exit button.

See Also...

Related to

Was this article helpful?
8 out of 26 found this helpful

Comments

0 comments

Please sign in to leave a comment.