Email Security - API - Policy Notifications

This page provides information on the Policy Notifications that can be configured for Email Security - API.

Overview

Email Security - API threat protection includes three policy types: Malware, Phishing, and Spam. Each policy can be configured to send Notifications to Groups and Internal Recipients, alerting administrators and end users whenever an email threat is detected.

When a threat is detected, the system checks the relevant policy to determine the appropriate notification settings based on three factors: the threat type (Malware, Phishing, or Spam), the configured action (Monitor, Quarantine, or No Action), and the recipient type (Administrator or End User).

Considerations 

Prerequisites - Notification Requirements

• Notifications must be multi-part MIME containing both HTML and TEXT parts. 

• US (English) is the only supported language at this time. Follow our Service Updates for detailed information on new feature releases. 

• There is a set of notifications for the default Email Security - API Policies, which can be adjusted according to the Policy Action settings. These default notifications will be as follows:

• Default Malware Policy Notifications: Internal Recipient 

• Default Phishing Policy Notifications: None

• Default Spam Policy Notifications: None

Configuring Notifications 

To configure notifications for either a Spam, Malware, or Phishing Protection Policy, follow these steps:

1. Log in to the Mimecast Administration Console.
2. Navigate to Policies and select the relevant Policy (Spam, Malware, or Phishing) that you would like to configure Notifications for. 

3. Scroll down in the Policy Configuration page to Actions, and set the Actions to 'Quarantine' to configure notifications.

4. Select either Group or Internal Recipient (Or both) to set up which groups/recipients receive notifications when the relevant policy is applied. 

Selecting Group is useful for configuring Administrator notifications, while Internal Recipient (sent to the recipient of the flagged email) is useful for end-user notifications. 

4. If Group is selected, use the Select Group to select the group you are configuring notifications for. 

6. You can choose a group from the list of Active Directory Groups, or Local Groups:

7.  Click Save once notifications have been configured to apply the changes. 
8. Repeat these steps for each of the threat family Policies as required.
    

Example of an Administrator Notification:

Example of an End User Notification: