Posts Tagged ‘mimecast’

When users try and use the Mimecast for Outlook Add-in they login and get Application Disabled

  1. Make sure this is ticked
  2. Restart Outlook then try again
  3. Sometimes Mimecast caches Authentication Profiles locally in C:\Users\%username%\AppData\Roaming\Mimecast\msw.s3db , Delete this file with Outlook closed and try again
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Both Mailguard and Mimecast have a list of allowed emails for users. When migrating from one platform to another you will need to copy these over.

Mailguard does not have an export function for its “Active Whitelist” so you will need to copy the Table produced in the Admin Panel into Excel and remove all but your two columns of emails.

These two columns will need some more manipulation as they mix up Senders and Receivers in the lists and Mimecast needs one Column for Each. But the First Column in A in Excel and he Second in B

In C1 add the following ( If A1 does has @domain.com in it list it , if B1 has @domain.com in it list it ) 

=IF(ISNUMBER(SEARCH(“@domain.com”,A1)),A1,””)&IF(ISNUMBER(SEARCH(“@domain.com”,B1)),B1,””)

In D1 add the following ( If A1 does not have @domain.com in it list B1 , if B1 has @domain.com in it list A1) 

=IF(NOT(ISNUMBER(SEARCH(“@domain.com”,A1))),,B1)&IF(NOT(ISNUMBER(SEARCH(“@domain.com”,B1))),,A1)

Example

Once one , create a .xls file with columns

# addresstrusted_sendersblocked_sendersapproved_senders

Add the domain.com to #Address

Add the other domain field to either trusted_senders ( Allow Spam and Attachments ) or Approved Senders ( Allow Spam ) 

Import into Mangaed Senders using the PostIni Option 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Trying to setup a Mimecast Sync Engine Application on Prem out the Box comes up with 

“validation failed: invalid mimecast user or insufficient permissions”

This is because by default 2fa is enabled on all Accounts created in Mimecast , you need create a new Authentication Profile and Disable 2fa on this , then assign it to that user group and bind it all together with a Profile

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 

Failed authentication for XXXX, Date: 2019-11-26, Time: 13:26:01 AEDT, IP: X.X.X.X, Application: MfO, Method: IWA, Reason: Wrong password

 

Failed authentication for XXXX, Date: 2019-11-22, Time: 15:13:23 AEDT, IP: X.X.X.X, Application: App Launcher, Method: EWS Basic, Reason: Wrong password

Application: MfO = Mimecast for Outlook

Application: App Launcher = MyApps Webbased portal

Method = IWA ( Intergrated Windows Authentication ) usually from the Mimecast Outlook Add In

Method =  EWS Basic ( Used by Domain Authentication to check onprem ) 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 

Latency Threshold – I would say to start with 50-60 Seconds to avoid any false positives.

Failure Counter threshold –  I would suggest to start with 5-6 for the same reasons.

Admin Notifications – I would suggest to notify via SMS as well, in case email is down. But if you are doing that, you will firstly have to make sure you are syncing the Mobile numbers from AD using the correct AD Attribute in Mimecast(https://community.mimecast.com/docs/DOC-1478). Then you also have to make sure that you set that attribute up to be used as the mobile attribute for SMS notifications in Administration > Account > Account Settings > System Notification Options. Then, you also have to make sure that the admins that need these SMS notifications, subscribe to them. Guidance on subscribing here – https://community.mimecast.com/docs/DOC-2085. Further details on using SMS in Continuity Here – https://community.mimecast.com/docs/DOC-2104.

Affected Group – You have to select a group that covers all users. Otherwise when you get the notification, if you opt to start a Continuity Event from the dashboard, it will only affect the Admin group you have selected.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 

Recently I tried to setup a 365 Send connector to relay it through another third party Mimecast ( https://community.mimecast.com/docs/DOC-1623 ) . Mimecast confirmed they had enabled the Tenant domains to relay through Mimecast.

 

The send connector was Failing as the last Step, however I was receiving the email. After numerous calls with office 365 support they came back with the reply “We don’t support technical help with Third Party SMTP Servers”

Checking the headers on the email that came through showed the validator wasn’t even relaying through Mimecast.

Enabling the Send Connector and trying again resolved the issue , however it’s a flawed design , because after enabling it during the validation if any user tries to send out and it doesn’t work they will produce an NDR

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently had a customer that was getting 15 – 20 minute delays in receiving emails from MailChimp. The same email to services such as Office 365 , Gmail and other email providers came through straight away.

We had whitelisted Mailchimps IP’s per below from Greylisting and Spam to no avail. The Message tracking proved that the message wasn’t hitting the Administration console for the 15 Minutes delay

Source IP Ranges (n.n.n.n/x): 
205.201.128.0/20
198.2.128.0/18
148.105.0.0/16

 

We lodged a Mimecast support ticket and got this escalated to Level 2 and waited a week for a response. In the end a retry of the issue with the technician came through straight away which means there must have been a block somewhere in Mimecast

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Many internal companies use Newsletter services such as Mailchimp to email out internal newsletters. The From Address of this is usually an internal email address which means it will get rejected by the anti spoofing policy

Option 1

In Mimecast Administration Panel go to : 

Administration -> Gateway -> Policies -> Anti Spoofing SPF based Bypass

  1. Add the following Policy, this will only whitelist IP’s in your SPF Record,  so putting servers.mcsv.net will not work , you will also have to put “ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.0.0/16” in your SPF record. If your SPF is over 255 characters : try option 2

 

Option 2

Administration -> Gateway -> Policies -> Anti Spoofing

Add the policy below , you can get a list of IP’s Mailchimp user here

Find the From Address its spoofing along with the IP

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)