Service Update
| Availability | April 24th, 2023 |
| Product(s) | Email Security Cloud Gateway (CG) |
| Who's affected | SMTP Authentication users |
Overview
As part of Mimecast's commitment to continuous improvement, aligning with best practices, and putting the security of our customers first, we have significant updates to share with you regarding your SMTP Authentication with Mimecast.
What's changing
Mimecast will no longer support SMTP Authentication requests that are not encrypted using Transport Layer Security (TLS).
After this date, any connections using SMTP Authentication that are not secured using TLS will fail to be established, with the "553 This route requires encryption (TLS) error".
- SMTP Authentication requests must be encrypted using Transport Layer Security (TLS).
- SMTP Email Submission and Journal Connectors using SMTP Authentication will be impacted if not using TLS.
Deployment Schedule
| Region | Date |
| CA, JER, USB | March 22nd 2023 |
| AU | April 5th 2023 |
| ZA | April 12th 2023 |
| US | April 19th 2023 |
| UK | April 26th 2023 |
| DE | June 28th 2023 |
Recommended actions
Customers utilizing SMTP Authentication will need to carry out the following actions:
- Identify which internal users or Journaling connectors are configured to use SMTP Authentication within Mimecast.
- To identify internal users configured to use STMP Authentication, log onto the Mimecast Administration Console and navigate to Directories | Internal.
- If the user configured for SMTP Authentication no longer needs access to the feature, the “Allow SMTP Email Submission” option can be disabled.
- To identify Journaling connectors configured to use STMP Authentication, log onto the Mimecast Administration Console and navigate to Services | Journaling.
- If the Journal connector configured for SMTP Authentication no longer needs access to the feature, the “Use SMTP Email Submission” option can be disabled.
- Addresses that are sending via SMTP Authentication can be identified by logging onto the Mimecast Administration Console and navigating to Archive | Archive Search and running a search with the "Search Message Headers" criteria enabled for all outbound mail flow, that includes the following term: "relay.mimecast.com with ESMTP with AUTH".
If you only need to identify senders sending via SMTP Authentication and using TLS encryption, the following search criteria can be used instead: "relay.mimecast.com with ESMTP with both STARTTLS and AUTH".
- Confirm that the device, or send connector, that utilizes SMTP Authentication has TLS enabled.
Comments
Please sign in to leave a comment.