Policies - Out Of the Box Settings

Updated

This article describes the features activated by default on Mimecast accounts, that provide out-of-the-box protection. They are a starting point for your Mimecast journey and can be left as they are or amended to build a configuration that suits your needs.

Applies To

The default out-of-the-box settings affect:

      • All new Mimecast customers.
      • Any existing Mimecast customers upgrading their subscription to include Targeted Threat Protection.

        With existing customers, any new or changed policies are timed to take effect two weeks after the order is processed. This allows you to review and change any required settings as required. You can also make the new/changed policies effective immediately if required.

The implemented features are dependent on the Mimecast services you've purchased.

Policies - Inbound Email Flow

The following default policies are created for your inbound email flow:

Targeted Threat Protection

Mimecast’s advanced email security together with Targeted Threat Protection, uses sophisticated detection engines and a diverse set of threat intelligence sources to protect your email from spam, malware, phishing, and targeted attacks.

      • It is essential you are aware of the way this service provides information to end users. See the Email Security Cloud Gateway knowledge hub for further details.

URL Protect – Inbound

URL Protect provides email security technology that protects users against spear phishing and targeted attacks. A default URL Protect definition has been configured on your account with the settings listed below. For further information on URL Protection, read the following pages:

Field / Option Setting Comments
Enable Inbound Check Enabled This displays additional field/options that can be used to protect you against malicious URLs in inbound email.

When configuring inbound checks, use a policy with the correct routing for the definition.
Rewrite Mode Moderate This rewrites strings that contain a valid URL or path (e.g. IP addresses or www.domain.com).
URL Category Scanning Moderate  
Action Block
  • A block page is displayed and users are prevented from accessing the URL.
  • The attachment is stripped from the message before it's delivered to the end user.
  • A notification is sent to the recipient providing full details, and informs them to contact their administrator if they need to release the message.
Message Subject Protection Rewrite URLs Microsoft Outlook for Windows automatically converts URLs in the message's subject to hyperlinks. This option rewrites URLs in a message's subject, so they can be scanned. Rewritten links can be up to 200 characters long.
Create Missing HTML Body Enabled This reformats plain text messages as HTML, allowing URLs to be rewritten.
Force Secure Connection Enabled This rewrites all links with a "HTTPS://" prefix.
Set to Default Enabled This signifies this is the default definition.
Ignore Signed Messages Disabled This allows URLs found in digitally signed messages to be rewritten.
Display URL Destination Domain Enabled This displays the URL's destination domain at the end of the rewritten link (e.g. https://url.uk.m.mimecastprotect.com/s/1dBvZWHZ?domain=company.com).
Strip External Source Mode Disabled  
File Protocol URL Handling Hold This can be used to protect against hashjacking attempts, by checking for URLs that use the "file://" protocol. The options are:
  • Off: No protection against hashjacking attempts is provided.
  • Hold: Messages with URLs containing a "file://" protocol are held in the Held Message queue.

    No notification is issued even if the "Enable Notifications" option is selected. This can be mitigated by ensuring your Firewall is properly configured (e.g. blocking SMB traffic).

  • Strip: Messages with URLs containing a "file://" protocol have the URL scheme replaced with "***".

For file protocol URL handling to trigger, the URL Category Scanning option must be set to "Aggressive".
Block URLs Containing Dangerous File Types Enabled See the What is a Dangerous File Type? page for further details.
Rewrite URLs Found in Attachments Enabled Use this option to select the attachment parts to rewrite if found in a URL.
 
URL File Download Sandbox Checks if the URL points to a download file, stops the direct download, and sends the file to the Mimecast sandbox for security checking. The recipient is notified and warned if it is found to be potentially dangerous.
Scan URLs in Attachments Enabled Use this option to select the attachment parts to rewrite if found in a URL. All attachments less than 50 MB and supported by the safe file option are checked to ensure there are no malicious URLs contained in them. This option also works with compressed files, with the individual files scanned as if they weren't compressed. If malicious links are found in an attachment, the action taken depends on the "Action" setting. Stripped files are logged under the Monitoring | Attachments menu item in the Administration Console.
Advanced Similarity Checks Enabled Use this option to check URL for advanced attacks, where links appear similar to your internal and monitored external domains. For example, checking the sender's domain against:
  • Your internal domain.
  • Mimecast monitored external domains
  • Your custom monitored external domains.
Enable User Awareness Enabled This displays additional field / options that can be used to protect users clicking on URLs in messages.
User Awareness Challenge Percentage 5% Specify a challenge percentage to control the frequency of the user awareness notification displayed when a URL is clicked.
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default "Administrator Alerts" group is specified.

Attachment Protection - Inbound

Attachment Protect provides advanced security protection for file attachments in email. A default Attachment Protect definition has been configured on your account with the settings listed below. For further information on URL Protection, read the following pages:

Field / Option Setting Comments
Attachment Protection Delivery Options Pre-emptive Sandbox All attachments are submitted to the sandbox during the email delivery process. All vulnerable file types are analyzed, and the message and its attachments are only delivered to the recipient if they are considered safe.
Ignore Signed Messages Disabled This allows attachments found in digitally signed messages to be checked.
Sandbox Fallback Action Hold for Administrator Review Potentially dangerous messages and their attachments are placed in the Held Queue.
Release Forwarded Internal Attachments Enabled This ensures internally forwarded messages containing an attachment can be released by a user other than the intended recipient.
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default "Administrator Alerts" group is specified.

Impersonation Protection - Inbound

Impersonation Protect looks for combinations of key identifiers commonly found in whaling attacks. A default Impersonation Protect definition has been configured on your account with the settings listed below. For further information on Impersonation Protect, read the following pages:

Field / Option Setting Comments
Similar Internal Domain Enabled Used in conjunction with the Similarity Difference option, this provides protection for inbound messages, where the sender's domain is similar to any of your internal domains.
Similarly Monitored External Domains Enabled This checks the sender's domain against your external domains. We recommend both of the following options are also selected:
  • Check Mimecast Monitored External Domains: This checks the sender's domain against the Mimecast monitored external domains.
  • Check Custom Monitored External Domains: This checks the sender's domain against your custom monitored external domains.
Newly Observed Domain Enabled This identifies whether the sender's domain has only been used to send traffic in the last week, and therefore indicating suspicious activity.
Internal User Name Enabled This identifies if the sender's display name (usually their first and last name) is the same as one of your internal user display names, excluding the recipient’s internal username. This ensures any threats that spoof an internal user are detected.
Reply-To-Address Mismatch Disabled No check is made to identify if a mismatch has occurred between the sender’s email address (header only) and the Reply To email address.
Targeted Threat Dictionary Enabled This compares characteristics in the message's header, subject, and body against a dictionary of suspicious content. This ensures attackers that focus on financial gain or access to sensitive information are detected.
Number of Hits 2 Two or more of the four checks listed above must be triggered for any action to take place. One check by itself could cause false positive results. 

Internal Email Protect

Internal Email Protect adds additional functionality to the areas of Targeted Threat Protection listed below. It monitors, detects, and remediates threats that have landed internally, or that originate from your email system. This includes messages destined to other internal users or external recipients.

URL Protection Outbound Settings

Field / Option Setting Comments
Enable Outbound Check Enabled This displays additional field / options that can be used to protect you against malicious URLs in outbound email.
URL Mode Relaxed Checks only when the URL contains a valid URL or path (e.g. www.domain.com).
URL Category Scanning Relaxed  
Gateway Action Hold The outbound message is placed on hold for the administrator to investigate and release.
Gateway Fallback Action Hold
User Mailbox Action None No action is taken on the sender’s mailbox.
User Mailbox Fallback Action None
Block URLs Containing Dangerous File Extensions Enabled See the What is a Dangerous File Type? page for further details.
Scan URLs in Attachments Enabled Use this option to select the attachment parts to rewrite if found in a URL. All attachments less than 50 MB and supported by the safe file option are checked to ensure there are no malicious URLs contained in them. This option also works with compressed files, with the individual files scanned as if they weren't compressed. If malicious links are found in an attachment, the action taken depends on the Action setting. Stripped files are logged under the Monitoring | Attachments menu item in the Mimecast Administration Console.
URL File Download Sandbox Downloaded files are processed through the Mimecast sandbox to check for malicious code.
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default Administrator Alerts group is specified.

URL Protection Internal Settings

Field / Option Setting Comments
Enable Inbound Check Enabled This displays additional field / options that can be used to protect you against malicious URLs in inbound email. The fields displayed and enabled will follow the same settings as outlined in the URL Protection Inbound Settings.
Enable Journal Check Enabled This displays additional field / options that can be used to protect you against malicious URLs in internal email.
URL Mode Relaxed Checks only when the URL contains a valid URL or path (e.g. www.domain.com).
URL Category Scanning Relaxed  
User Mailbox Action None No action is taken on the recipient’s mailbox.
User Mailbox Fallback Option None
Scan URLs in Attachments Enabled Use this option to select the attachment parts to rewrite if found in a URL. All attachments less than 50 MB and supported by the safe file option are checked to ensure there are no malicious URLs contained in them. This option also works with compressed files, with the individual files scanned as if they weren't compressed. If malicious links are found in an attachment, the action taken depends on the "Action" setting. Stripped files are logged under the Monitoring | Attachments menu item in the Administration Console.
URL File Download Sandbox Downloaded files are processed through the Mimecast sandbox to check for malicious code.
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default Administrator Alerts group is specified.

Attachment Protection Outbound Settings

Field / Option Setting Comments
Enable Outbound Checks Enabled This displays additional field / options that can be used to protect you against malicious attachments in outbound email.
Gateway Action Hold The outbound message is placed on hold for the administrator to investigate and release.
Gateway Fallback Action Hold
User Mailbox Action None No action is taken on the sender’s mailbox.
User Mailbox Fallback Action None
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default Administrator Alerts group is specified.

Attachment Protection Internal Settings

Field / Option Setting Comments
Enable Inbound Check Enabled This displays additional field / options that can be used to protect you against malicious attachments in inbound email. The fields displayed and enabled will follow the same settings as outlined in the Attachment Protection Inbound Settings.
Enable Journal Checks Enabled This displays additional field / options that can be used to protect you against malicious attachments in internal email.
User Mailbox Action None No action is taken on the recipient’s mailbox.
User Mailbox Fallback Action None
Enable Notifications Enabled This displays additional field / options that can be used to notify administrators when the definition is triggered. A default Administrator Alerts group is specified.

Spam Scanning

Mimecast uses multiple content-based heuristic scanning engines that examine the content of messages to look for key phrases, and other identifiers commonly used by spammers. These include content matching rules, DNS based definitions, checksum based definitions, and statistical filtering definitions. The aim is to reject unwanted spam and malware messages in protocol.

However, there are occasions where Mimecast cannot determine if a message is wanted by the end user or not (e.g. promotional notifications, newsletters or advertisements). In such scenarios, you can configure spam scanning to identify the messages that may be graymail rather than spam. This is achieved by adding the following SMTP header to messages that are identified as graymail:

X-Mimecast-Bulk-Signature: yes

With this header enabled, you can define a rule in your email client to take action on graymail (e.g. move messages to a  Graymail folder). This removes email noise from the Inbox and allows users to browse bulk mail in their own time.

End users can prevent messages from being classified as graymail by adding senders to their Managed Senders list using a Mimecast end user application.

To achieve the above a default spam scanning definition and policy is created with the following settings:

Field / Option Setting Comments
Spam Detection Level Relaxed This is the recommended setting for users that are actively targeted by promotional and junk email.
Spam Detection Action Hold for Review Messages triggered as spam are sent to the hold queue.
Graymail Detection Action Tag Headers as Graymail The SMTP header is tagged with "X-Mimecast-Bulk-Signature: yes".


See the Configuring Spam Scanning Definitions and Policies page for further details.

Greylisting

Greylisting looks at the following pieces of information (which we will refer to as a Triplet from now on) about any particular email delivery attempt:

      • The IP address of the host attempting the delivery.
      • The envelope recipient address.
      • The envelope sender address.

With this triplet, Mimecast has a unique relationship for that particular SMTP session. If we have never seen this triplet before, we issue a server busy status (451 Internal resource temporarily unavailable). This server busy status is maintained for 60 seconds, forcing the sending server to queue and retry. This is a 400 message (temporary error) and not a 500 message (permanent error). A correctly configured Message Transfer Agent (MTA) will attempt retries if given an appropriate temporary failure code for a delivery attempt.

If the message comes back after 60 seconds, and before the 12 hour upper limit, the message will be not be subjected to further greylisting. If the message is not retried within this 12 hour period, an entry is logged in the Rejection Viewer as Sender Failed to Retry 12 hours after the initial attempt). If the message returns after 12 hours, the greylisting process starts again. An Exchange server, by default, will retry email every ten minutes up until a certain point. Greylisting is applied to all inbound email by default.

Secure Delivery & Secure Receipt

The policies listed below are added to all new accounts to add email addresses or domains that must only be communicated with using TLS.

These policies are bi-directional so it will apply to both inbound and outbound email.

  • A Secure Delivery definition called Default Secure Delivery - Enforced TLS is created with the Enforced TLS option. This requires a publicly signed certificate from a root certificate authority. See the Configuring Secure Delivery Definitions and Policies page for full details.
  • A Secure Delivery policy from Everyone to a group called Enforced TLS Group. Add email addresses or domains to this group so that email to them will attempt Enforced TLS.
  • A Secure Receipt policy from Everyone to a group called Enforced TLS Group
  • .  See the Configuring Secure Receipt Policies page for full details.

Anti-Spoofing

This policy is used to avoid spoofing. The policy is configured to apply anti-spoofing to email from your domain to your domain. When configuring this policy, administrators should ensure they don't have external clients that send email appearing to be from the internal domain to internal users.

Permitted Senders

Permitted Senders policies ensure successful delivery of inbound messages from trusted sources. Messages from permitted senders bypass our reputation and spam checks, avoiding the possibility of being rejected or placed in the hold queue. This is useful in situations where the sender's mail server is listed in an RBL, or for messages flagged by our content checks.

A Permitted Senders message is still subject to system wide message compliance and virus checks. Adding an address to the Permitted Senders list, just removes the message from additional spam checks.

Auto Allow

An Auto Allow policy produces the same result as a permitted senders list; it bypasses greylisting and spam checks. The policy asks Mimecast to review its sender / receiver database, to determine if an internal email sender has sent a message to the address from which a new message is arriving. This policy is used to build individual auto whitelist. The auto allow policy is set to apply from Everyone to Everyone .

See the Auto Allow Creation Policy Configuration page for further details.

Digest Set

A default Digest Set definition and policy is created to list the held messages for a user. The notification sent to users uses informing them of any held messages, allows them to Block, Release, or Permit both individual or all held messages. See the Digest Policies page for further details.

Delivery Routing

Delivery Routes determine the route to be used for inbound email delivery. By default, outbound emails are delivered to the recipient using available MX records. However, if an outbound Delivery Route has been configured, this overrides the MX record. Delivery routes require the specific route to be configured, and a policy to determine the flow of traffic. Alternate routes can also be created. This enables a failover option, should a customer's primary route be unavailable. If multiple similar routes (the FROM and TO variables are the same) are configured, this results in a round robin (random selection) of these routes. This is also useful to balance mail server load.

Delivery Routes contain the details of the delivery destination (e.g. the hostname or IP Address of the email server). Mimecast's flexible routing policies allow emails to be delivered to a specific server based on a domain, group, attribute, or individual address.

See the Delivery Routing Configuration page for further information.

DNS Authentication

DNS Authentication policies control the types of authentication checks performed when we send or receive a message. The following systems work by defining extra DNS records for the sending domain. See the following pages for details:

Inbound DNS Checks

Inbound DNS Authentication checks allow Mimecast to validate the sending systems using pre-configured DNS entries. We've configured settings across all three DNS services (SPF, DKIM, and DMARC). These take no action if there are no records found. On the detection of DNS Authentication records, we'll take the following actions:

SPF:

Scan Result Configured Actions
None Take No Action: No actions are applied to a message.
Neutral Ignore Managed / Permitted Sender Entries: Reputation, greylisting, and spam checks are performed.
SoftFail Ignore Managed / Permitted Sender Entries: Reputation, greylisting, and spam checks are performed.
HardFail Ignore Managed / Permitted Sender Entries: Reputation, greylisting, and spam checks are performed.
PermError Ignore Managed / Permitted Sender Entries: Reputation, greylisting, and spam checks are performed.
TempError Ignore Managed / Permitted Sender Entries: Reputation, greylisting, and spam checks are performed.

DKIM:

Scan Result Configured Actions
None Take No Action: No actions are applied to a message.
Fail Ignore Auto Allow / Permitted Sender Entries: Spam checks are performed.
PermError Ignore Managed / Permitted Sender Entries: Spam checks are performed.
TempError Ignore Managed / Permitted Sender Entries: Spam checks are performed.

DMARC:

Scan Result Configured Actions
None Take No Action: No actions are applied to a message.
Fail Honor DMARC DNS Record Action: Applies the action specified in the DMARC record for the sending domain specified by the domain owner. If a DMARC policy uses the 'Quarantine' action, Mimecast places the message in hold for review.
PermError Ignore Auto Allow / Permitted Sender Entries: Spam checks are performed.
TempError Ignore Auto Allow / Permitted Sender Entries: Spam checks are performed.

Policies - Outbound Email Flow

The following default policies are created for your  outbound email flow:

Stationery Layouts

A default Stationery Layout is created with a disclaimer that is applied to all outgoing email. The following examples show a couple of regional variations of this content:

      • Example 1 (UK & US): "This email message has been delivered safely and archived online by Mimecast. For more information, please visit http://www.mimecast.com".
      • Example 2 (South Africa): "The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation to the contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and automatically archived by Mimecast SA (Pty) Ltd, an innovator in Software as a Service (SaaS) for business. Mimecast offers email continuity, security, archiving and compliance with all current legislation. To find out more, contact Mimecast."

See the Configuring Stationery Layout Definitions and Policies page for further details.

Message Actions

A Message Actions policy is used to control usage features for Mimecast for Outlook, in conjunction with your Application Settings.

See the Configuring Message Actions Policies page for further details.

Policies - Inbound & Outbound Email Flow

The following default policies are created for both your inbound and outbound email flow:

Attachment Sets

Attachment Sets control the file types that are allowed, blocked, linked, or held when sending or receiving email. The default attachment set uses Mimecast's best practice dangerous file types, all of which are set to be blocked.

See the Configuring Attachment Management Definitions and the Dangerous File Type pages for full details.

Blocked Senders

Blocked Senders policies are almost identical to anti-spoofing policies, but they are applied to all types of email: inbound and outbound.

A policy from External to External is created by default to prevent open relay out to another external environment. You cannot make changes to this policy. A new blocked senders policy can be created to override aspects of the default policy, but you cannot configure an additional External to External blocked senders policy.

Note the following:

      • It's more efficient to create a Blocked Sender policy against a profile group, and to maintain all suspect email addresses and domains in that group.
      • If you want to allow external email to relay to another email address, add the address to the Relay folder under Directory | Profile Groups (commonly used when forwarding from exchange to external contacts). There is a policy in place for this that is assigned to a relay folder.
      • To prevent a failed delivery or hard SPF rejection, the forwarding domain must have a Netblocks address configured to their SPF. Additionally, the domain owner must add an entry to their DNS TXT record which will allow for their messages to pass SPF checks.

See the Configuring Blocked Senders Policies page for further details.

 

Email Size Limits

An Email Size Limit policy is created with the maximum acceptable size set to 200 MB. See the Configuring Email Size Limits Policies page for further information.

Suspected Malware

A Suspected Malware policy is created to ensure messages containing the following file types in a ZIP file, are held in the hold review queue and marked as suspected malware:

      • EXE
      • MSI
      • COM
      • PIF
      • SCR
      • CPL

Note the following:

      • Encrypted ZIP files are not affected by this policy.
      • This policy works independently of any Attachment Management policy that you've created.
      • The policy can be bypassed via a Suspected Malware Bypass policy, but this is not recommended. If you do, a new virus outbreaks might go undetected while signatures are being updated.

See the Suspected Malware page for further information.

 

Message Passthrough

When a message is processed, Mimecast explodes it and its attachments into the raw components, indexes the text, and recompiles the attachment based on the header information regarding the attachment type (e.g. mime or content type). A Message Passthrough policy allows a message to be processed without it being exploded into its raw components. This is useful if one of the following limits has been reached:

      • 5 levels of .ZIP file recursion.
      • 10,000 files per .ZIP file.
      • Maximum unpacked file size 100 MB.
      • Total maximum unpacked size 2GB.

The Archive Extract Error gets thrown for unsupported .ZIP files (e.g. .ZIPX).

We recommend a Message Passthrough policy is as specific as possible. For example:

Field / Option Setting
Policy Options Do not explode message content
Applies From Individual email address
Specifically Enter the sender email address
Applies To Individual email address or domain
Specifically Enter the recipient email address or domain


See the Message Passthrough page for further details.

Suspicious Message Structure

Items placed in the hold review queue due to a Suspicious Message Structure, means the message is incorrectly structured, based on RFC822 and RFC1123 (Request for Comment) documents published by the Internet Engineering Task Force. Mimecast provides extensive checking based on the structure and make up of these messages to prevent any malicious or dangerous email from entering a mail environment. Although it is common that many mail servers and clients do not conform to the RFC standards, we are flexible on the format we accept and hold only the problematic instances.
If a message is held, the recipient receives a notification similar to the following:

The message indicated below matches content alert policies set by the System Administrator(s). Message information:

Sender : sending address
Intended Recipient : recipient address
Message Subject : subject
Message Date : date and time
Message Status : The message has been placed on HOLD - action required
Content Policies Triggered:
- This message is badly structured and may contain dangerous content

Some of the reasons for messages being placed in the hold queue "Suspicious Message Structure" can be the following:

      • Incorrect Encoding of a Message: An example is a message received that has been encoded by a system in a binary format. This can result in a corrupt email, mail folder on the recipient's mail folder, or mail program. It's unlikely that the file will even be usable, and the sender should try and send the message again. See the Content-Transfer-Encoding: binary page on the Microsoft website for further details.
      • Mail Format that should not be Sent Over the Internet: An example is a message that has a WINMAIL.DAT attachment with a number of formatting irregularities. This format is only supported by Microsoft Exchange, as the .DAT file contains formatting components for a specific email client application. The sending machine should not allow messages with this formatting to traverse the internet, as not all mail servers can interpret the file. To solve issue, see the How email message formats affect Internet email messages in Outlook page on the Microsoft website:

If the sending party can't resolve the issue on their end, a Message Passthrough policy has been created with the following options:

Field / Option Setting
Policy Options Do not explode message content
Applies From Individual email address
Specifically Enter the sender email address.
Applies To Individual email address or domain.
Specifically Enter the recipient email address or domain.

See the Configuring Message Passthrough Policies page for further details.

Profile Groups

Two profile groups are added by default on all new accounts:

      • Administrator Alerts: This group is used by the default URL Protect, Attachment Protect, and Impersonation Protect definitions to notify users when a definition is triggered. It has one user assigned to the group, which is the account contact that signed the Request for Information form.
      • Enforced TLS Group: This group is for internal or external domains that are obligated to use TLS.

Additional administrators can be added to these groups as required. See the Managing Groups page for full details.

Application Settings

An Application Settings definition is enabled for all internal users and provides access to all Mimecast user tools. This default definition cannot be edited, but additional definitions can be created to apply to specific user groups. The Application Settings contain the following:

Field / Option Setting Comments
Forward and Reply to Suspicious Messages Enabled Mimecast for Outlook users will see the suspicious tag applied to the message, but can forward or respond to them.
Allow User to Failover Manually Enabled These settings allow users or administrators to force continuity mode, but prevent it automatically being applied (e.g. if a laptop user moves away from their desk and losing the wi-fi connection).
Enable Administrator Failover Enabled
Allow Automatic Failover Disabled


See the Configuring Application Settings​​​​​​ page for further details.

Account Settings

There are some default Account Settings enabled by default that work with Targeted Threat Protection. These are located in the User Access and Permissions section. See the Mimecast Account Settings page for further details.

Field / Option Setting Comments
Targeted Threat Protection Authentication Enabled Allow you to set a period after which a user's device must be reauthenticated, if there has been no user interaction with Targeted Threat Protection.
Authentication Duration (Days) 60  

Account Assessment Reports

Account Assessment Reports are high level summary reports regarding the features of your Mimecast account. They can report either email weekly, monthly, or downloaded from the Administration Console. The email address of the primary Implementation lead (supplied during the purchase process) is automatically added to the monthly email reports.

To modify or add additional recipients you can:

  1. Log on to the Mimecast Administration Console.
  2. Select the Reporting | PDF Reports menu item. The PDF Report Schedule dialog is displayed with the Weekly Report section expanded.
  3. Click on the Account Assessment button.
  4. Select either Weekly Reports or Monthly Report and add up to a maximum of five recipients. If you require more than five recipients, create a distribution list and add this as one of the five.

You also have the option to download past reports. Reporting starts from the moment your account is created.

See the Account Assessment Report page for further details.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.