Service Update
| Availability | October 6th-8th, 2025 |
| Product(s) | Email Security Cloud Gateway (CG), Awareness Training |
| Who's affected |
Awareness Training, Administrators and End Users Existing and Net-New Customers |
Overview
Mimecast is enhancing the Awareness Training Phishing simulation platform by introducing Direct Message Injection (DMI) for both Microsoft and Google email environments. This new capability will allow Phishing simulation emails to be delivered directly into users' inboxes, bypassing traditional email security controls. The aim is to provide a more seamless, realistic, and effective Phishing training experience for your End Users, while giving you control and visibility over Campaign delivery.
What's changing
- Phishing Email Delivery Workflow: Emails will bypass traditional security rules and be inserted directly via secure API connections.
- Integration Requirements: DMI availability is contingent on completing integration setup via the Integration Hub.
- Automated Error Handling and Logging: Robust logging for injection attempts, with campaign metrics updated in real time.
- Scalability: The mechanism is designed for large-scale deployments, supporting thousands of users simultaneously.
User Experience
- End users will see simulation emails as if they were delivered via normal channels, increasing training realism.
Administrator Experience
- Direct Message Injection toggle: A new toggle in the Add Campaign fly-out will allows you to enable / disable DMI without severing the email provider integration on a per campaign basis.
- Full Domain Spoofing Support: When DMI is enabled, the From Email field in the template editor becomes an open text box, permitting full domain customization.
- A new DMI integrations tile will be displayed within the Integrations Hub. Only one connector per integration is supported.
-
Issue Notification:
- Banners will automatically alert you to DMI integration issues, in the Program Overview, Phishing Dashboard, and Phishing Campaigns pages.
- Banners will include a hyperlink to the Integrations Hub, for easy remediation.
-
Error Management:
- Failed injections (e.g. blocked mailboxes, invalid addresses) will be logged in Campaign metrics, supporting troubleshooting and auditing.
Deployment Schedule
| Region | Date |
| South Africa | October 6th, 2025 18:00 BST |
| Australia, Germany, United Kingdom, Offshore | October 7th, 2025 18:00 BST |
| Canada, United States of America, United States of America (USB) | October 8th, 2025 07:30 BST |
Recommended actions
- Complete the DMI integration setup in the Integrations Hub, to enable the new delivery method.
- Familiarize yourself with the new DMI toggle and domain spoofing options in the Campaign setup workflow.
Comments
Please sign in to leave a comment.