Policy Considerations for Living Security Phish in Mimecast

Creating exceptions in Mimecast is necessary to prevent simulations from being blocked or ending up in spam. The policies below suggested in order for the highest probability of success.


Anti-Spoofing Policy

Permitted Senders Policy

Attachment Protection Bypass  Policy

URL Protection Bypass Policy

Impersonation Protection Bypass Policy

Attachment Management Bypass Policy

ℹ️ We recommend running a test campaign to yourself or a small group of users after each policy change to ensure it is working as intended.


Anti-Spoofing Policy

Follow the steps below to allow Living Security Phish to send emails appearing to come from an email address at your domain, on your behalf:

  1. Log on to your Mimecast Administration Console.
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select Anti-Spoofing from the list of policies displayed.
  5. Select the New Policy button.
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring an Anti-Spoofing Policy article.
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.


Permitted Senders Policy

You should create a new Permitted Sender policy to allow our phishing simulations through to your users' inboxes.

⚠️ Do not edit your default Permitted Sender policy; a new one must be created.

  1. Log on to your Mimecast Administration Console.
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select Permitted Senders from the list of policies displayed.
  5. Select the New Policy button.
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings see Mimecast's Configuring a Permitted Senders Policy article.
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.


Attachment Protection Bypass Policy

If you'd like to use attachments in your simulated phishing tests, follow the steps below to increase the likelihood that emails with attachments from LS Phish will successfully arrive in your users' inboxes. Mimecast may still prevent the delivery of attachments.

  1. Log on to your Mimecast Administration Console
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select Attachment Protection Bypass from the list of policies displayed.
  5. Select the New Policy button.
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring Attachment Protection Bypass Policies article.
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.


URL Protection Bypass Policy

Mimecast's URL Protection service scans and checks links in emails upon delivery. This can sometimes result in false positives for your phishing security tests. Follow the steps below to create a URL Protection Bypass policy for accurate phishing security test results.

  1. Log on to your Mimecast Administration Console
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select URL Protection Bypass from the list of policies displayed.
  5. Select the New Policy button.
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring a URL Protection Bypass Policy article.
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.


Impersonation Protection Bypass Policy

If you’re sending phishing simulations purporting to come from users/domains that appear internal, you'll want to create an Impersonation Protection Policy in your Mimecast console.

  1. Log on to your Mimecast Administration Console.
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select Impersonation Protection Bypass from the list of policies displayed.
  5. Select the New Policy button. 
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring an Impersonation Protection Bypass Policy article.

    NOTE: In the Select Option field under Options, select the impersonation protection definition you want to be bypassed. If you have multiple definitions you would like to bypass, you will need to create a separate Impersonation Protection Bypass Policy for each one.
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.


Attachment Management Bypass Policy

If you'd like to use attachments in your simulated phishing tests, follow the steps below to prevent attachments from being stripped from emails, potentially resulting in skewed test results.

  1. Log on to your Mimecast Administration Console.
  2. Click the Administration toolbar button.
  3. Select the Gateway | Policies menu item.
  4. Select Attachment Management Bypass from the list of policies displayed.
  5. Select the New Policy button.
  6. Select the appropriate policy settings under the Options, Emails From, Emails To, and Validity sections. For more information on these settings, see Mimecast's Configuring Attachment Management Bypass Policies article. 
  7. In the Source IP Ranges field, enter our IP ranges. They can be found in this article.
  8. Save the policy.



    Questions? Please contact help@livingsecurity.com