Overview
This article contains information on managing Mimecast Email Security Cloud Integrated settings, including disabling specific checks in Microsoft Defender, and adjusting mail flow rules for successful operation.
Frequently Asked Questions
|
Q:
|
Why does Mimecast Email Security Cloud Integrated require Sender ID & SPF Hard Fail checks to be disabled?
|
|
A:
|
When administrators choose Protect or Monitor modes during installation, a warning indicates that Sender ID and SPF Hard Fail settings within Microsoft 365 will be checked.
If enabled, these features can cause mail delivery issues and place messages on hold within Microsoft 365. These settings can be easily overlooked as they can be present within multiple EOP Anti-Spam policies. Mimecast recommends turning these options off as they are known to place any messages processed by Mimecast Email Security Cloud Integrated on hold, even if they contain no malicious content.
If this check cannot be completed, the installation will not proceed. As per the Microsoft best practices referenced in this article, Defender office 365 recommended settings for EOP, these settings should both be disabled. |
|
Q:
|
What is the effect of disabling SPF Record: Hard Fail and Sender ID filtering options?
|
|
A:
|
Microsoft 365 will continue to perform SPF checks for inbound messages and honor the action specified in the sending domain’s SPF record (p=). This is also Microsoft's recommended setting. Microsoft disables this by default for any new Anti-Spam policy.
|
|
Q:
|
Why are there issues with mail flow, after installing Mimecast Email Security Cloud Gateway?
|
|
A:
|
When configuring Monitor or Protect Mode in Email Security Cloud Integrated, Mimecast transport rules get automatically installed in Exchange Online on the your Microsoft 365 tenant, and added to the top of the list, above any existing rules.
It's important that you check the priority order of your transport rules after installing Mimecast Email Security Cloud Integrated, so that those that need to be at the top (like rules for disclaimer management tools for example) get moved back up. Otherwise the Mimecast rules will cause issues and potential loss of mail. |
Updating Anti-Spam Policies in Microsoft Defender
You can disable the SPF Record: Hard Fail and Sender ID filtering hard fail checks within Microsoft Defender, by using the following steps:
- Login to Microsoft 365’s Defender portal (https://security.microsoft.com/antispam).
- Navigate to Email & Collaboration | Policies and Rules | Threat Policies.
- Click on Anti-Spam.
- Select the Anti-spam inbound policy (default).
- On the newly opened slide-out panel, Click to Edit the Spam Threshold and Properties.
- Select Off for the SPF Record: Hard Fail and Sender ID filtering hard fail options and click Save.
- Repeat steps 5-7, confirming that the above options are disabled for any other custom Anti-Spam policies.
Once the above steps are complete, you can attempt to re-run the Mimecast Email Security Cloud Integrated installation, by using the following steps:
- Log back into Email Security Cloud Integrated.
- Navigate to: Configuration | Service Authorizations via the left-hand menu.
- Click Settings on the Microsoft 365 Mail card.
- Click Reinstall.
Comments
Please sign in to leave a comment.