Policies - Sieve Sub Address Policy - Configurations

Updated

This article contains information on configuring Sieve Sub Address policies in Mimecast, including usage considerations, delimiter behavior, and steps to enable or modify policies for handling inbound emails with sub-addressing extensions.

The Sieve Sub Address policy applies to inbound mail where the internal recipient address holds a sieve sub extension. Mimecast may reject these addresses during the recipient validation checks, which can be bypassed by configuring the policy.

Usage Considerations

Consider the following before creating a policy:

  • The Sieve Sub Address policy is available to customers utilizing our latest gateway.
  • Examples of email addresses with delimiters are:
    • user+sieve@domain.com
    • user--sieve@domain.com

Configuring a Sieve Sub Address Policy

To configure a Sieve Sub Address policy:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Policies Gateway Policies | Sieve Sub Address.
  3. Either select the:
    • Policy to be changed.
    • New Policy button to create a policy.
  1.   Complete the Options section as required:
Field / Option Description
Policy Narrative Describe the policy to allow you to identify it in the future quickly.
Select Option

See the Understanding Sieve Sub Address Policy Options section for further details.

 Specify whether to take no action or one of the following actions:
Action Example Description
Enable + Delimiter Recognition user+sieve@domain.com Our gateway ignores the Sieve Sub extension for the inbound check and policy processing but delivers the item to the address that includes the Sieve Sub extension.
Enable - Delimiter Recognition user--sieve@domain.com Our gateway ignores the Sieve Sub extension for the inbound check and policy processing but delivers the item to the address that includes the Sieve Sub extension.
Enable + Delimiter Recognition and Removal user+sieve@domain.com Our gateway removes the Sieve Sub extension for the inbound check and policy processing but delivers the item to the address minus the Sieve Sub extension.
Enable -- Delimiter Recognition and Removal user--sieve@domain.com Our gateway removes the Sieve Sub extension for the inbound check and policy processing and delivers the item to the address minus the Sieve Sub extension.

The policy only applies to messages addressed to internal addresses. Therefore, an Everyone to Internal Policy is recommended, provided that only one delimiter is used.
  1. Complete the remainder of the policy as necessary; refer to the Policy Basics: From / To / Validity KB article if needed.

When setting up a Sieve Sub Address policy, you will be scoping the policy to an email address/profile group. If it scoped to email+123456789@domain.com, the sieve will be acknowledged and known address policies will work. Be aware that if you scope the policy to email@domain.com, it will not see the policy, and the email will fail known address checks.

  1. Click Save and Exit.

Understanding Sieve Sub Address Policy Options

Address Components

Sieve sub-addressing allows the augmentation of an address with additional information, which is done by adding a delimiter between the user's email address and further address details. A typical example would look like user+detail@domain.com. However, the behavior changes depending on whether a + or -- delimiter policy is used.

The email address is broken down into several categories, as noted below.

      • Local-Part: This encapsulates all data to the left of the @ symbol. 
      • Separator/Delimiter: This is used to distinguish between the user and the detail of the message.
      • User: The original local-part address.
      • Detail: The additional detail provided.

We do not support the use of multiple details such as user+detail1+detail2@domain.com.

Delimiter Behavior

Mimecast interprets the address based on the following considerations and delivers the message to the "user" @domain.com, ignoring or removing the "detail."

      • When the + delimiter is chosen, the "user" portion of the email is to the left of the delimiter. 
      • When the -- delimiter is chosen, the "user" portion of the email is to the right of the delimiter.
      • With a + delimiter policy in place, a message is sent to user+test@domain.com Mimecast would accept the message to user@domain.com.
      • With a -- delimiter policy in place, a message is sent to user--test@domain.com Mimecast would accept the message to test@domain.com. Likewise, a message sent to test--user@domain.com, would be accepted to user@domain.com.

In addition to the delimiter selection, Mimecast also offers two variations of the delimiter handling set via the definition:

      • Delimiter Recognition and Removal: This disregards the detail, processes the message against user@domain.com, and delivers the email to the client's environment as user@domain.com. For example, a message is sent to either user+test@domain.com or test--user@domain.com. The inbound checks are run versus user@domain.com, and the message is delivered to the client's environment as user@domain.com.
      • Delimiter Recognition: This disregards the detail and processes the message against user@domain.com, but the unaltered address is delivered to the client's environment. For example, a message sent to user+test@domain.com or test--user@domain.com will run inbound checks against user@domain.com. The message is then delivered to the client's environment as user+test@domain.com (or test--user@domain.com).

The customer environment must be able to interpret this address themselves or risk rejection as an unknown recipient.

See Also...

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.