Policies - Attachment Hold on Size Policies

Updated
This article contains information on how the Attachment Hold on Size policy works, its configuration steps, and how it allows administrators to hold and release attachments exceeding a specified size, ensuring better control over email attachments.

With an Attachment Hold-on Size policy, you can restrict the maximum attachment size for inbound and outbound messages. Unlike Attachment Sets, which apply to specific attachment types, this policy applies to all attachments regardless of file type. This attachment policy differs from the Attachment Block on Size by offering the option of performing an Administrator Hold with an option to release the attachment by admins later.
 
Messages with attachments that trigger this policy are alerted to the Administrator Hold queue. You can use this to ensure certain files do not get through, while others can be put on hold and released when necessary.
An Attachment Hold on Size policy has priority over the Attachment Link on Size Policies.

Configuring an Attachment Hold on Size Policy

To configure an Attachment Hold on Size policy:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Policies | Gateway Policies menu item.
  3. Click on Attachment Hold on Size.
  4. Either select the: 
      • Policy to be changed.
      • New Policy button to create a policy.
  1. Complete the Options section as required:
Field / Option Description
Policy Narrative Provide a description of the policy to allow you to easily identify it in the future.
Hold Attachments Larger Than (KB) Specify a value in Kilobytes for the maximum file size of all attachments in a message. Any attachments that exceed this limit are placed on hold and not delivered with the message. For example, if 1000 KB is specified and a message has two attachments of 550 KB each, both attachments are placed on hold.

When handling archive files (e.g., ZIP), the threshold applies to the uncompressed file size of the attachment. This adds protection against large, highly compressed archived files.
  1. Complete the Emails From and Emails To sections as required:
Field / Option Description
Addresses Based On Specify the email address characteristics that the policy is based on. This option is only available in the "Emails From" section. The options are:
  1. The Return Address (Mail Envelope From): This default setting applies the policy to the SMTP address match based on the message's envelope or true address (i.e., the address used during SMTP transmission).
  2. The Message From Address (Message Header From): This applies the policy based on the masked address used in the message's header.
  3. Both: Applies the policy based on the Mail Envelope From or the Message Header From, whichever matches. If both match the specified value, the Message Header From is used.
Applies From / To Specify the Sender characteristics that the policy is based on. For multiple policies, you should apply them from the most to the least specific. The options are:
  1. Everyone: Includes all email users (i.e., internal and external). This option is only available in the "Emails From" section.
  2. Internal Address: Includes only internal organization addresses.
  3. External Address: Includes only external organization addresses. This option is only available in the "Emails From" section.
  4. Email Domain: This enables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.
  5. Address Groups: This enables you to specify a directory or local group. If this option is selected, click the Lookup button to select a group from the Profile Group field. Once a group has been selected, you can click on the Show Location field to display the group's path.
  6. Address Attributes: This enables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop-down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
  7. Individual Email Address: This enables you to specify an SMTP address. The email address is entered in the Specifically field.
  1. Complete the Validity section as required:
Field / Option Description
Enable / Disable Use this to enable (default) or disable a policy. If a date range has been specified, the policy will automatically be disabled when the end of the configured date range is reached.
Set Policy as Perpetual If the policy's date range has no end date, this field displays "Always On," meaning the policy never expires.
Date Range Use this field to specify the policy's start and/or end date. If the Eternal option is selected, no date is required.
Policy Override This overrides the default order in which policies are applied. If there are multiple applicable policies, this policy is applied first unless more specific policies of the same type are configured with an override.
Bi-Directional If selected, the policy is applied when the policy's recipient is the sender and the sender is the recipient.
Source IP Ranges (n.n.n.n/x) Enter any required Source IP Ranges for the policy. These only apply if the source IP address used to transmit the message data falls inside or matches the range(s) configured. IP ranges should be entered in CIDR notation.
  1. Click on the Save and Exit button.

See Also...

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.