This article provides information on configuring Mimecast Policy Validity, including enabling, expiring, and overriding policies, setting bi-directional rules, and applying source IP ranges to control email processing.
An Active Policy is applied to emails, and an Expired Policy is ignored by Mimecast. Validity can be controlled manually, and Policies can also be automatically set to expire on a certain date. By default policies are set to apply Eternally.
Policy Validity also allows certain options to be applied to policies. For example, bi-directional policy application, policy override, and adding Source IP addresses.
Overview
Policy Validity can be used to apply or expire policies that affect email processing on Mimecast. By expiring a Policy so that it does not take effect, the Policy can be retained for future use (as opposed to deleting the Policy and having to re-create it). The Validity options of a Policy also determine the bi-directionality and Override settings of the Policy and allow policies to apply based on source IP addresses or ranges.
How do I Use Policy Validity?
By default, when a new Policy is created, the Start and End dates are automatically set to Eternal, which indicates that the policy is immediately active and is not set to expire. These date fields can be modified so that a Policy can either be active, ready (set to activate in the future), or expire (take no effect).
The validity of a Policy is shown using different colored status indicators:
-
- The policy is currently active.
-
- The policy starts in the future.
-
- The policy has expired.
-
- Policy override has been selected for this policy.
Only active policies are applied when Mimecast processes an email. Open the Policy to set the Validity options:
| Field / Option | Description |
|---|---|
| Enable/Disable | Clicking this button will either enable (default) or disable the policy you are currently configuring. Allowing for policies to be disabled quickly and easily without the need for backdating or deleting the policy.
Policy expiration date ranges are still honored, resulting in expired policies becoming disabled. |
| Set policy as perpetual (Always On) | Clicking this button will set/change the Start and End Dates of the Policy to Eternal |
| Date Range | This is set to All Time by default. Clicking on the drop-down arrow displays a Calendar control that allows you to manually set the Start and End Dates for the policy. |
| Policy Override | An Override changes the order of selection for a list of policies. When an Administrator needs to force Mimecast to ignore specificity, they can apply the Override option. Policy override takes precedence over Policy specificity. Once the Policy Override is removed, the Policy selection system will return to its normal selection methodology, applying the most to the least specific Policies. |
| Bi-Directional | Applies the Policy in the reverse mail flow as well, i.e. when emails are from the To field and are sent to the From field as defined in the Policy. An Administrator is able to create one Policy that applies to emails traveling both inbound and outbound, rather than having to create two separate policies for the same result. For example: To apply a Policy that will cover inbound (External TO Internal) and outbound (Internal TO External) emails, create one Policy (External TO Internal) and select the Bi-Directional check box.
A policy that is set to apply FROM Everyone and TO Everyone achieves the same effect as a bi-directional Policy set to apply FROM Internal TO external. |
| Source IP Ranges | This field is optional and is used to validate the originating IP address. If configured, it will be used in conjunction with the Email From/Email To details. IP addresses should be added in CIDR Notation and can either be added as an individual host (11.1.1.1/32) or as a network range (11.1.1.0/24). If a Policy is configured with both a specific FROM variable and source IP address, only emails that match both of these properties will trigger the Policy. Alternatively, if you would like to specify only the source IP address, select the FROM variable as Everyone, and enter the desired IP address/range in the Source IP Range field. |
| Hostnames | Some Policies allow you to enter a list of hostnames to bypass. The policy only applies, when the hostname matches the IP address used by the sending server. We will confirm when this is the case. |
Comments
Please sign in to leave a comment.