Configuration - Allow & Block Rules

Updated

This article describes how to configure Block and Allow Rules in Mimecast Email Security Cloud Integrated, and is intended for Administrators.

Introduction

Block and Allow Rules allow you to specify who or what is allowed into your environment, and can be applied to:

  • Sender Email Addresses.
  • Sender Email Domains.
  • URLs.

Block and Allow lists will override your Policy detection actions.

Viewing, Editing & Deleting Rules

Viewing Rules

You view your current list of Block/Allow rules in Mimecast Email Security Cloud Integrated, by using the following steps:

  1. Log in to Mimecast Email Security Cloud Integrated.
  2. Select the Menu icondrop.png icon.
  3. Navigate to Configuration | Allow/Block Rules.

From here, you can view a list of rules with the following heading criteria.

  • Action.
  • Criteria.
  • Reason.
  • Matching Messages.
  • Edited By.
  • Edited Date/Time.
  • Created By.
  • Created Date/Time.
  • You can sort the list by either Action, Edited By, Created By, or the Edited and Created Date/Time columns.
  • The headings list can be customized by clicking the gear image.png button and selecting the desired headings you wish to display.

Editing Rules

To Edit an existing rule entry, select the desired rule from the Allow/Block Rules list, by clicking on the entry itself and then making any necessary changes on the View/Edit screen.
Alternatively, click the 3-dot options button on the far right-hand side of the column list and select View.

allowblockviewdrop.png

Deleting Rules

To Delete an existing rule entry, select the desired rule from the Allow/Block Rules list by clicking the entry itself and selecting the Delete button at the top of the View/Edit screen.
Alternatively, click the 3-dot options button on the far right-hand side of the column list and select Delete.

deletedrop.png

Deleting a rule will trigger a confirmation pop-up box, requesting you confirm this action as deleted rules cannot be recovered.

Creating a Sender-Based Rule

You can create an Allow/Block list based on a sender's email address or domain, by using the following steps: 

  1. Log in to Mimecast Email Security Cloud Integrated.
  2. Select the Menu icondrop.png icon.
  3. Navigate to Configuration | Allow/Block Rules.
  4. Select the Sender tab.
  5. Click Add Rule.
  6. Select the action Allow or Block.
  7. Enter one or more header and/or envelope address(es) or domain(s).
  8. Use the Condition drop-down to select the which operator should be used to process the Allow/Block rule(s) (AND, OR).
  9. Use the Reason drop-down to select a reason for the Allow/Block rule.
  10. Choose to enable administrator notifications for the rule.
  11. Click Save.
  • When a domain is added to a rule, sub-domains are automatically covered, and the use of wildcards is not required. E.g. adding domain.com to a rule automatically covers sales.domain.com.
  • The condition feature will only be enabled if both the envelope and header fields are populated with an email address or domain. 
  • If multiple entries are added into one or both of the address fields, each address will be matched using the OR condition. 

Example:

Condition

 OR
Envelope Address Field bob@abc.com, bt.com
Header Address Field  b@abc.com, bt.com  

Based on the above, using the OR operator, Mimecast Email security Cloud Gateway will search for envelope addresses in the envelope address field and if a single match is identified the rule will be applied. The search will not be looking for a message with all of the addresses that are configured in the address field.

Creating a URL-Based Rule

You can create a URL-based Rule for the Allow/Block list by using the following steps:

  1. Log in to Mimecast Email Security Cloud Integrated.
  2. Select the Menu icondrop.png icon.
  3. Navigate to Configuration | Allow/Block Rules.
  4. Select the URLs tab.
  5. Click Add Rule.
  6. Select the action Allow or Block.
  7. Enable or Disable the Rewrite URL toggle switch to suit your preference.

    The Rewrite URL toggle is only available if the Allow option is checked.

  8. Enter the URL criteria you need to take action on.
  9. Use the Reason drop-down to select a reason for the Allow/Block rule.
  10. Choose to enable administrator notifications for the rule.
  11. Click Save.

When a domain is added to a rule, sub-domains are automatically covered, and the use of wildcards is not required. E.g., adding domain.com to a rule automatically covers sales.domain.com.

Related to

Was this article helpful?
0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.