Skip to main content

How do I whitelist in Mimecast?

Soumalya Mitra avatar
Written by Soumalya Mitra
Updated over 2 weeks ago

To Allow Right-Hand's Training Emails / Phishing Simulation emails in Mimecast, follow the below instructions for various policies that you'll add to your Mimecast console.

Please follow the below order for whitelisting.

Table of contents

Anti-Spoofing Policy

Follow the steps below to allow Right-Hand to send emails from the Right-Hand domain.

  1. Sign in to Mimecast Administration Console.

  2. Select the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Anti-Spoofing from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Anti-Spoofing Policy

Select Option

Take no action

Addresses Based On

Both

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Everyone

Specifically

Applies to all Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click Save. Saving this policy will allow the emails from the Right-Hand domain.

Permitted Sender's Policy

A new Permitted Sender Policy should be created to allow Right-Hand's Training Emails/Phishing Simulation emails to reach the user's mailbox.

Note: Always create a new Policy. Do not edit the default one.

In the following steps, you can authorize Right-Hand to send emails on your behalf, displaying an email address of your domain.

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Permitted Sender from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Permitted Sender Policy

Select Option

Permit sender

Addresses Based On

Both

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Everyone

Specifically

Applies to all Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click on Save. Saving this policy will allow the Training Emails/Phishing Simulation emails from the Right-Hand domain.

Attachment Protection Bypass Policy

To allow attachments from simulated Phishing campaigns, follow the below steps to successfully whitelist Right-Hand emails.

Note: Always create a new Policy. Do not edit the default one.

In the following steps, you can authorize Right-Hand to send emails on your behalf, displaying an email address of your domain.

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Attachment Protection ByPass from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Attachment Protection Bypass

Select Option

Disable Attachment Protection

Addresses Based On

The Return Address (Email Envelope From)

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Internal Addresses

Specifically

Applies to all Internal Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click Save. Saving this policy will allow the emails with attachments from the Right-Hand domain.

URL Protection Bypass Policy

Mimecast's URL Protection service scans and checks links in all delivered emails. Follow the steps below to create a new URL protection bypass policy:

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose URL Protection ByPass from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand URL Protection Bypass Policy

Select Option

Disable URL Protection

Addresses Based On

Both

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Internal Addresses

Specifically

Applies to all Internal Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click on Save.

Impersonation Protection Bypass Policy

This policy is used to allow whaling/phishing emails pretend to come from users/domains that look like they are internal to your organization.

Impersonation Protection Bypass Definition Setup

  1. Access the Mimecast Administration Console.

  2. Click on the Gateway | Policies menu.

  3. Under the Definitions drop-down choose Impersonation Protection Bypass option.

  4. Type the name as Right-Hand Impersonation Protection Bypass Definition.

  5. Check the box for Display Name.

  6. Under the identifier actions, select the Action as None.

  7. Save the definition.

Impersonation Protection ByPass Policy Setup

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Impersonation Protection ByPass from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Impersonation Protection Bypass Policy

Select Option

Right-Hand Impersonation Protection Definition

Addresses Based On

Both

Applies From

External Addresses

Specifically

Applies to all External Senders

Applies To

Internal Addresses

Specifically

Applies to all Internal Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click Save.

Attachment Management Bypass Policy

Configuring this Attachment management ByPass policy will help you prevent attachments from being removed from your simulated phishing emails.

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Attachment Management ByPass from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Attachment Management Bypass

Select Option

Disable Attachment Management

Addresses Based On

Both

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Everyone

Specifically

Applies to all Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click on Save.

Preventing Mimecast from Re-Writing Phishing Links

To prevent Mimecast from re-writing the links in the simulated Phishing emails, please do add Right-Hand's phish link domains as Permitted URLs.

You can find a list of Right-Hand phishing link domains. To disable link re-writing on permitted URLs, please refer here.

Please remember, it's not advisable to make an exception for this situation unless you already have established exceptions for other senders. Otherwise, any deviation from a rewritten Mimecast URL could raise concerns for users and potentially affect the accuracy of your results.

For additional details regarding the deactivation of link rewriting for approved URLs, refer to Mimecast's article titled "Targeted Threat Protection: Managed URLs."

Please follow the below steps to prevent Mimecast from Re-Writing Phishing links:

Listing Managed URLs

To view your managed URLs:

  1. Log in to the Administration Console.

  2. Go to Services > URL Protection.

  3. Select the URL Tools drop-down menu.

  4. Click on Managed URLs to display the list of managed URLs.

To add one or more URLs and/or domains to your Managed URLs list:

  1. Click Add Managed URLs.

  2. Fill out the dialog as follows:

Field / Option

Required Configuration

Override Type

Permitted

Disable Rewriting For This Entry

Toggle on the button

Disable User Awareness

Toggle on the button

Match Type

Domain

URLs

Specify the URLs and / or domains to be added to the managed URLs list.

Please add the below domains to the list:

Note:The use of wildcard characters is not recommended, as it can cause a significant security risk.

Comments

Right-Hand permitted URLs

3. Select Save and Close.

DNS Authentication ByPass Policy (Optional)

If Right-Hand emails are sent to the spam folder, configure this additional policy. You will first have to set up the inbound definition and next create the policy.

DNS Authentication - Inbound Definition Setup

  1. Access the Mimecast Administration Console.

  2. Click on the Gateway | Policies menu.

  3. Under Definitions drop-down choose DNS Authentication - Inbound option.

  4. Type the name as New DNS Authentication - Inbound checks.

  5. Click on Save and Exit to save all the modifications.

DNS Authentication - Inbound Policy Setup

  1. Access the Mimecast Administration Console.

  2. Click on the Gateway | Policies menu.

  3. Click on DNS Authentication - Inbound policy.

  4. Choose New Policy.

  5. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand DNS Authentication Inbound policy

Select Option

Right-Hand DNS Authentication Inbound policy

Addresses Based On

Both

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Everyone

Specifically

Applies to all Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click on Save and Exit to save all the modifications.

Greylisting ByPass Policy

To prevent Mimecast from preventing emails from being deferred, please add this policy. Follow the steps below instructions to add this new policy.

  1. Access the Mimecast Administration Console.

  2. Click on the Administration Toolbar button.

  3. Choose Gateway | Policies menu.

  4. Choose Greylisting from the list of policies.

  5. Click on the New Policy button.

  6. Set the following options as follows:

Field / Option

Required Configuration

Policy Narrative

Right-Hand Greylisting ByPass Policy

Select Option

Take no action

Addresses Based On

The Return Address

Applies From

Everyone

Specifically

Applies to all Senders

Applies To

Everyone

Specifically

Applies to all Recipients

Enable / Disable

Enable

Set policy as perpetual

Always On

Date Range

All time

Policy Override

Check the box

Source IP Ranges (n.n.n.n/x)

52.74.95.172/32

168.245.54.27/32

149.72.49.118/32

7. Click on Save and Exit to save all the modifications.

CyberGraph Policy (Optional)

If you encounter problems with Mimecast removing Right-Hand's email trackers, you can implement this policy. Mimecast's CyberGraph Policy will prevent the removal of email trackers. Follow the steps below to set up the CyberGraph policy:

  1. Access your Mimecast Administration console by logging in.

  2. Go to Services and then, CyberGraph.

  3. Select the option to Create New Policy.

  4. Name the policy, such as “Right-Hand CyberGraph Policy”.

  5. You may optionally describe the policy.

  6. Choose "Disabled" in the Dynamic Banners field.

  7. Choose Disabled In the Trackers field,

  8. Choose the "Disabled" option in the User Reporting field.

  9. Click Next.

  10. Within the Applies To section, configure the From field to apply to Everyone. Subsequently, set the To field to also encompass Everyone.

  11. Within the Source IP Ranges field, input Right-Hand's IP addresses.

  12. Proceed by clicking on "Next". This will direct you to the Summary page, where you can verify that your settings are accurate.

  13. Select Disabled in the Trackers field.

  14. Click on Create New Policy.

Did this answer your question?