Policies - Policy Basics

Updated

This article contains information on configuring Mimecast policies, including criteria for sender/recipient application, validity settings, and the differences between Envelope (P1) and Header (P2) addresses to ensure accurate email processing.

Mimecast's Policies utilize a familiar layout comprising required criteria that dictate who or what a particular policy applies to. Use this guide to ensure your policy applies to the correct sender(s) and/or recipient(s).

The following video explains how many standard policies are configured within Email Security Cloud Gateway; some policies utilize additional options specific to that policy, which will be covered in their respective articles.

Options

Name your Policy with a descriptive Narrative and Select its Definition or Action Option.

Field / Option
 Description
Policy Narrative Enter a description for the policy to allow you to quickly identify it.
Select Option,  Definition, or Action Use this option to select the action to apply or the definition Mimecast will utilize when a match is made against the Sender, Recipient, and Validation criteria.

Emails From and To

Complete the Emails From and Emails To sections as required.

Field /Option Description

Addresses Based On

Specify the email address characteristics the policy is based on. This option is only available in the Emails From section. The options are:

  • The Return Address (Mail Envelope From)
    Sometimes referred to as the P1 address., this default setting applies the policy to the SMTP address match based on the message's envelope or true address
  • The Message From Address (Message Header From)
    Sometimes called the P2 address, this setting applies the policy to the masked address in the message's header.
  • Both
    This option applies the policy based on the Mail Envelope From (P1) or the Message Header From (P2), whichever matches. If both match the specified value, the Message Header From is used.

Applies From / To

Specify the Sender characteristics the policy is based on. For multiple policies, you should apply them from the most to the least specific. The options are:

  • Everyone: Includes all internal and external users. This option is only available in the "Emails From" section.
  • Internal Address: Includes only internal addresses.
  • External Address: Includes only external addresses. This option is only available in the "Emails From" section.
  • Email Domain: This enables you to specify a domain name to which this policy is applied. The domain name is entered in the Specifically field.:
  • Address Groups: This enables you to specify a directory or local group. If this option is selected, click the Lookup button to select a group from the Profile Group field. Once a group has been selected, click the Show Location field to display the group's path.

    If the selected group has sub-groups, the policy will apply to all groups in the hierarchy.

  • Address Attributes: This enables you to specify a predefined Attribute. The attribute is selected from the Where Attribute drop-down list. Once the Attribute is specified, an attribute value must be entered in the Is Equal To field. This can only be used if attributes have been configured for user accounts.
  • Individual Email Address: This enables you to specify an SMTP address. The email address is entered in the Specifically field.

Validity

For more information regarding Validity, refer to Mimecast Policy Validity

Envelope (P1) & Header (P2) Differences Explained

Every email has two sending addresses. One is known as the Envelope (P1) Address, and the other is the Header (P2) Address, sometimes called the display address. In most scenarios, these are the same, but they don't have to be.

Mail coming from an automated service, for example, often has a different Envelope and Header address. The Envelope address is typically the "real" address, which can sometimes be a long, one-time string of letters and numbers that would be unrecognizable to the recipient. In this case, the system also adds a user-friendly 'Header' address like no-reply@mimecast.com<no-reply@mimecast.com>.

During transmission, the Envelope address is received first, and based on policy configuration, action is taken before receiving the Header address. For example:

You receive a newsletter with the header info@example.com<info@example.com> and the Envelope address 12345abcd@example.mailing.com<12345abcd@example.mailing.com>. You have a greylisting policy for "example.mailing.com" scoped to the Envelope address and a Permit policy for 'example.com' scoped to the Header address. In this instance, the message will be greylisted before we receive the Header address, so the Permit will not be honored.

To Summarize

  • Envelope From (P1): This is the actual address that is transmitted and actioned first.

  • Header From (P2): This is the email address displayed to users.

  • The Mimecast Administration Console always lists policies in order of ascending specificity, from the least specific to the most specific. For full details on how specificity is applied, see Mimecast Policy Specificity.
  • Full details on Policy Validity can be found in Mimecast Policy Validity.

See Also...

Related to

Was this article helpful?
4 out of 7 found this helpful

Comments

0 comments

Please sign in to leave a comment.