URL Protection CSV truncation - May 2026

Known Issue

Field / Option Description
Date Logged May 21st 2026
Product(s) Targeted Threat Protection - URL Protection
Status Not Fixing

Issue

Mimecast has identified an issue affecting certain CSV email attachments when processed by Targeted Threat Protection - URL Protection (TTP URL Protection).

In some cases, TTP URL Protection is corrupting CSV attachments in transit, causing most of the file contents to be dropped before the message reaches the recipient. This behavior is specifically observed with CSVs whose rows wrap across multiple lines. In contrast, simpler CSV files (that do not have rows wrapping across multiple lines) are reported to pass through unaffected.

Impacted users will see that the CSV attachment is delivered, but with missing or truncated data, as most of the file's original contents are removed during processing.

Workaround

As an immediate workaround, customers can configure their Mimecast environment to reduce the impact of this issue.

Enable Message Passthrough on the sending domain: Configure Message Passthrough on the affected sending domain. When enabled, this allows the affected CSV attachments to be delivered intact, preventing the corruption and data loss observed when TTP URL Protection processes these files.

Consideration: When Message Passthrough is enabled, URL scanning is bypassed for those messages. This means that while the CSV attachment will arrive with its full contents, the URLs in those messages will not be scanned by TTP URL Protection.

Customers should weigh the need for intact CSV delivery against the reduced URL scanning coverage for messages where Message Passthrough is enabled.

See Also…

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.