If you're using Mimecast Email Security you can allowlist CybSafe to permit our simulated phishing test emails and training invitations through to your end users.

In this article, you’ll find instructions for several different policies, which you’ll need to add to your Mimecast console to allow the use of CybSafe.

Anti-spoofing policies are recommended if you receive large amounts of spoofed mail. They ensure external messages appearing to come from an internal domain are blocked.

Permitted Senders policies ensure the successful delivery of inbound messages from trusted sources. Messages from permitted senders bypass Mimecast’s reputation, greylisting, and spam scanning policies, avoiding the possibility of being rejected or placed in the hold queue.

A URL protection bypass policy allows you to exclude specific senders or recipients from a Configuring URL Protection definition

By creating an impersonation protect bypass policy you can exclude specific senders or recipients from an Impersonation Protect policy, by creating an impersonation protect bypass policy.

IP 167.89.33.127 /cs-mail-sender.com / simulated phishing attacks. For more information around this, please click here

IP 167.89.38.249 / cybsafe.com / registration, news and administration

Both these IP addresses are dedicated to CybSafe.

If you run into issues allowing CybSafe in your Mimecast services, we advise contacting Mimecast directly for specific instructions.

Follow the steps below to allow CybSafe to send emails appearing to come from an email address at your domain, on your behalf.

In the "For Emails From" and "For Emails To" sections, set the “Applies From” and “Applies To” fields to Everyone (as IP addresses/Hostnames are going to be used as the source of the messages). Read the Policy Specificity page for more information on the application of the “FROM” and “TO” variables.

For more information see Mimecast's Configuring an Anti-Spoofing Policy article.

7. In the Source IP Ranges field enter the CybSafe IP ranges.

Remember to save the policy. Now the simulated phishing templates appear to come from your organisation's domain and reach your employees' inboxes. Before sending a campaign to all of your employees , we suggest you first set up a test using your own email or set it up for a small group of people to ensure the policy works as intended.

To successfully allowlist CybSafe’s phishing and training-related emails , you should Create a new Permitted Sender policy to allow them through to your employees' inbox.

Important:

Do not edit your default Permitted Sender Policy. You must create a new one

Here are the steps to allow our emails to arrive successfully in your employees' inboxes.

In the "For Emails From" and "For Emails To" sections, set the Applies From and Applies To fields to Everyone, as IP addresses/Hostnames are going to be used as the source of the messages. Read the Policy Specificity page for more information on the application of the FROM and TO variables.

For more information on these settings see Mimecast's Configuring a Permitted Senders Policy article.

7. In the Source IP Ranges enter the appropriate IP ranges for CybSafe

Remember to save the policy. We suggest setting up a test to yourself or a small group of people to ensure the policy works as intended, before sending a campaign to all of your employees.

Mimecast's URL Protection service scans and checks links in emails upon delivery. This can sometimes result in false positives for your phishing security tests. Follow the steps below to create a URL Protection Bypass policy for accurate phishing security test results.

In the "For Emails From" and "For Emails To" sections, set the “Applies From” and “Applies To” fields to Everyone, as IP addresses/hostnames are going to be used as the source of the messages. Read the Policy Specificity page for more information on the application of the ‘FROM’ and ‘TO’ variables.

For more information on these settings, see Mimecast's Configuring a URL Protection Bypass Policy article.

7. In the Source IP Ranges field enter the appropriate IP ranges for CybSafe.

Remember to save the policy. We suggest setting up a test to yourself or a small group of people to ensure the policy works as intended, before sending a campaign to all of your employees.

If you’re sending phishing emails purporting to come from users/domains that look like they’re internal to your organisation, you'll want to create an Impersonation Protection Policy in your Mimecast console.

In the "For Emails From" and "For Emails To" sections, set the “Applies From” and “Applies To” fields to Everyone, as IP addresses/hostnames are going to be used as the source of the messages. Read the Policy Specificity page for more information on the application of the ‘FROM’ and ‘TO’ variables.

For more information on these settings, see Mimecast's Configuring an Impersonation Protection Bypass Policy article.

NOTE: In the Select Option field under Options, select the impersonation protection definition you want to be bypassed. If you have multiple definitions you would like to bypass, you will need to create a separate Impersonation Protection Bypass Policy for each one.

7. In the Source IP Ranges field enter the appropriate IP ranges for CybSafe

Remember to save the policy. We suggest setting up a test to yourself or a small group of people to ensure the policy works as intended, before sending a campaign to all of your employees.

If you have any questions or concerns, you can contact the team at support@cybsafe.com and we’ll be happy to answer them.