Policies - Testing Delivery Routing Connectivity

Updated

This article provides information on testing delivery routing connectivity in Mimecast, including steps for testing inbound SMTP delivery, LDAP directory connections, and POP3 journaling to ensure proper configuration and functionality.

Overview

Mimecast provides the ability to test connectivity from your Mimecast account to your internal environment, without contacting Mimecast Support. Testing the connectivity ensures all necessary firewall and application changes have been made before swapping services over to Mimecast, or if changing IP addresses internally.

The connectivity tests include testing:

  • Inbound SMTP delivery routes
  • POP3 for journaling
  • LDAP for Directory synchronization

The tests performed are:

  • A ping test to see if contact can be made with the IP address using the PING protocol. This may fail depending on your firewall and security settings.
  • Other checks depend on what service is being tested.

Inbound SMTP Delivery

You can test inbound SMTP delivery by using the following steps:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Policies | Gateway Policies.
  3. Select the Delivery Routes menu item from the Definitions drop-down.
  4. Click on the Delivery Route to be tested.
  5. Either click on: 
  • Test Connection - Strict TLS.
  • Test Connection - Relaxed TLS.
  1. This will run through a series of tests, and generate a summary of the results as shown below:
  • Resolves the hostname to IP address.
    • Pings the connection.
    • Connects to the IP address on SMTP TCP port 25 (or the custom port you have entered).
    • Executes SMTP commands to send a test email to the delivery route IP address as follows:
      • The sender is always set as smtptest@mimecast.com.
      • The recipient is always set to the user requesting the test: e.g. admin@customer.com. The SMTP conversation is printed to the screen for reference.
    • Checks to see if TLS is supported. If STARTTLS appears in the list of applicable SMTP verbs, an attempt is made to initiate a TLS connection, and send a test email.
      • If TLS negotiation fails, the "An Error Occurred" error message is displayed.
      • If TLS is successful, the mail send test continues as above.
    • Checks to see if there is a certificate, and displays the results:
      • If the certificate is not supported, or the certificate is not present, certificate details will not be displayed.
      • If the certificate is supported, Mimecast extracts the CN of the certificate, as well as the expiration date. Details for all chained certificates are displayed.

Testing Delivery Routing Connectivity_1

The SMTP connection test will work, even if the delivery route has not been saved. An Administrator can therefore create a new Delivery Route, enter the relevant details, and click test prior to saving the route.

LDAP Directory Connections

You can test LDAP connectivity prior to enabling Directory Synchronization, by using the following steps:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Users & Groups | Directory Synchronization.
  3. Select the Directory Connection.
  4. Click on Test Connection in the top toolbar to start testing.

  5. This will now run through a series of tests and generate a summary of the results as per below:

    If an alternate IP address exists for the Directory Connection, the same tests above are conducted on the backup IP address.

  • Resolves the hostname to IP address (if the hostname is entered)
  • Pings the connection
  • Connects to the IP address on LDAP TCP port 389 (or the custom port you have entered)
  • Tests the retrieval of one email address in each of the domains you have registered with Mimecast as an Internal Domain. A result of "no results" can be considered a success and indicates that the connection was successful.
  • Checks to see if there is a certificate and displays the results:
    • If the certificate is not supported, or the certificate is not present then certificate details will not be displayed.
    • If the certificate is supported, Mimecast extracts the CN of the certificate as well as the expiration date. Details for all chained certificates are displayed.

The LDAP Connection test will work even if the Directory Connector has not been saved. An Administrator can, therefore, create a new connector, enter the relevant details, and click test prior to saving it.

POP3 Journaling

Open the Journal definition, and click the Test Journal Extraction button to ensure that Mimecast will be able to successfully connect to and POP emails from the Journal mailbox.

For further information on how to configure POP3 Journaling, see Exchange - Exchange 2007 POP3 Journaling.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.