This article lists SMTP addresses and domains that must be allowed for Mimecast Awareness Training, and is intended for Administrators.
Also see Managing Phishing Templates.
Introduction
Specific SMTP addresses and domains must be allowed for Mimecast Awareness Training.
This is because:
- SMTP addresses are used for phishing campaign simulations.
- Domain URLs are used in phishing campaign simulations.
The domain to allowlist for the Mimecast Awareness Training phishing landing page is:
https://*.therelayservice.com/
Mimecast owns this domain.
You maintain your Managed URLs in the Mimecast Administration Console by navigating to Email Security | URL Protection and clicking on URL Tools.
Trusted Sites Configuration
Click here to learn how to configure a Safe Senders list for Mimecast Awareness Training emails, ensuring that images display properly.
Step 1: Add Mimecast Sending Addresses to the Safe Senders List using GPO
- Create a Safe Senders List File:
- Create a .txt file containing the sending address(es) you would like to add as Safe Senders (in this case, this would be whichever address you are sending the Training Modules from)
@domain.com
postmaster@domain.com- If you wish to do the same for Phishing Campaigns, ensure that you add the sending addresses listed in the article below to the text file as well:
https://mimecastsupport.zendesk.com/hc/en-us/articles/34000445739027-Engage-SMTP-and-URL-Guide#h_01JC0JYXB6TMDBBYWBEB1168E7- Save this file in a shared network location accessible to all users.
Configure the GPO
- Open the Group Policy Management Console (GPMC).
- Navigate to:
-
- User Configuration | Administrative Templates | Microsoft Outlook | Outlook Options | Preferences | Junk Email
- Enable the policy Specify path to Safe Senders list.
- Enter the UNC path to the .txt file (e.g., \\ServerName\Share\SafeSenders.txt).
- Deploy the GPO:
-
- Link the GPO to the appropriate Organizational Unit (OU) containing the users.
- Run gpupdate /force on client machines to apply the policy.
Using Intune
Prepare the Safe Senders List:
- Create the same .txt file as above.
- Create a Configuration Profile:
-
- Log in to the Microsoft Endpoint Manager Admin Center.
- Go to Devices | Configuration profiles | Create profile.
- Select Windows 10 and later as the platform and Templates | Administrative Templates.
- Configure the Policy:
-
-
-
- Search for "Specify path to Safe Senders list".
- Enable the policy and provide the path to the .txt file.
- Assign the Profile. (Assign the configuration profile to the appropriate user or device groups.)
-
-
Step 2: Enable Automatic Image Downloads for Safe Senders using GPO
Configure the GPO
- Open the Group Policy Management Console (GPMC).
- Navigate to:
-
- User Configuration | Administrative Templates | Microsoft Outlook | Outlook Options | Mail Format | HTML Options
- Enable the policy Automatic Picture Download Settings.
- Configure the setting to Permit downloads in email messages from Safe Senders and Safe Recipients.
- Deploy the GPO:
-
- Link the GPO to the appropriate OU and apply it.
Using Intune
- Create a Configuration Profile:
-
- Log in to the Microsoft Endpoint Manager Admin Center.
- Go to Devices | Configuration profiles | Create profile.
- Select Windows 10 and later as the platform and Templates | Administrative Templates.
- Configure the Policy:
-
- Search for Automatic Picture Download Settings.
- Enable the policy and configure it to Permit downloads in email messages from Safe Senders and Safe Recipients.
- Assign the Profile. (Assign the configuration profile to the appropriate user or device groups.)
Step 3: Verify the Configuration
On a Client Machine:
- Open Outlook and navigate to:
-
- Home | Junk | Junk Email Options | Safe Senders
- Confirm that Mimecast's sending addresses are listed.
- Test Automatic Image Downloads:
-
- Send a test email from a Mimecast address and verify that images are downloaded automatically without user intervention.
Domains
The address to use for setting up Safe Senders/Trusted Sites to allow for automatic downloads of inserted images and [videoposter] in your Mimecast Awareness Training Email Notifications is:
https://s3.amazonaws.com
The following table lists the domains to allow for Mimecast Awareness Training Phishing Campaigns:
| account-renewals.com | payroll-updates.com |
| accountsecuritynotices.com | relaysvc.com |
| benefits-bulletin.com | salary-info.com |
| ceo-update.com | secure-corporate-communications.com |
| company-updates.com | secure-corporate-news.com |
| corp-accounts.com | secure-corporate-updates.com |
| corp-news.com | secure.ataata.com |
| corp-update.com | secureceocommunications.com |
| corporate-payroll.com | securesecuritysolutions.com |
| corporate-updates.com | security-bulletin.com |
| cy-se.com | subscriptionrenewalnotices.com |
| employee-news.com | subscriptionrenewalservices.com |
| hookedlikeaphish.com | sysgen-cash.com |
| info-needed.com | sysgen-payroll.com |
| payroll-news.com | worldwidenewsupdates.com |
| instant-promos.com |
Email Addresses
The following email addresses are used for Mimecast Awareness Training Phishing Campaigns:
- noreply@therelaysvc.com
- noreply@therelayservice.com
- noreply@securityvault.com ‐ FOR TEST SYSTEM ONLY
SMTP addresses
The following table lists SMTP addresses that are used for Mimecast Awareness Training Phishing Campaign Simulations.
| Template Name | SMTP Address |
|---|---|
| Payroll | noreply@corporate-payroll.com |
| Promotions | noreply@instant-promos.com |
| Shipping | noreply@our-account.com |
| TrackMyPackage | noreply@worldwidenewsupdates.com |
| BreakingNews | noreply@corp-news.com |
| Reset | noreply@corp-accounts.com |
| Login | noreply@security-bulletin.com |
| Survey | noreply@secureceocommunications.com |
| Salary | noreply@salary-info.com |
| Fileshare | noreply@secure-corporate-communications.com |
| Renewals | noreply@account-renewals.com |
| Notification | noreply@accountsecuritynotices.com |
| Payroll‐News | noreply@payroll-news.com |
| Employee‐News | noreply@employee-news.com |
| Corp‐Updates | noreply@secure-corporate-updates.com |
| Sec‐Solutions | noreply@securesecuritysolutions.com |
| Subscription‐Renewal | noreply@subscriptionrenewalservices.com |
| Payroll‐Gen | noreply@sysgen-payroll.com |
| Cash‐Gen | noreply@sysgen-cash.com |
| OneDrive | noreply@benefits-bulletin.com |
| CEO‐Update | noreply@ceo-update.com |
| Company‐Updates | noreply@company-updates.com |
| Corp‐Update | noreply@corp-update.com |
| Corporate‐Updates | noreply@corporate-updates.com |
| CyC | noreply@cy-se.com |
| Info | noreply@info-needed.com |
| Payroll‐Update | noreply@payroll-updates.com |
| Corp‐News | noreply@secure-corporate-news.com |
| Subscription‐Notice | noreply@subscriptionrenewalnotices.com |
| Amazon | noreply@relaysvc.com |
Comments
Please sign in to leave a comment.