Mimecast Secure Email Gateway

Introduction

This manual describes how to integrate Zivver with Mimecast Secure Email Gateway.

Mimecast provides a Secure Email Gateway (SEG) solution for organizations to protect them against email-based attacks (such as phishing and ransomware). Zivver, on the other hand, helps organizations protect against any possible data leaks via email.

Organizations want to combine Zivver and Mimecast’s Secure Email Gateway to benefit from both solutions. Read more about how Zivver and Mimecast solutions compare to each other in the Feature Gap Analysis, available on request via sales@zivver.com.

The starting point for integrating Zivver with Mimecast Secure Email Gateway is the Zivver Office Plugin for Microsoft Outlook (for Windows). Read more about this in the next section.

Zivver’s Plugin Assisted Mail Submission

With the Zivver Office Plugin for Microsoft Outlook (for Windows), employees can send and receive secure messages directly from within Microsoft Outlook.

Zivver’s Plugin Assisted Mail Submission (PAMS) is an additional feature in the Zivver Office Plugin. PAMS can be used for different purposes; see the PAMS manual for more information.

To integrate Zivver with Mimecast Secure Email Gateway, your organization needs to implement PAMS. PAMS enables Mimecast’s Secure Email Gateway to process outbound Zivver emails sent from Microsoft Outlook. Without PAMS implemented, a sent Zivver message will not be processed by Mimecast’s Secure Email Gateway.

Background information

When a secure Zivver message is sent, the Zivver Office Plugin for Microsoft Outlook cancels the OnSend event for that message. Without this cancellation, Outlook would forward the message to your mail server, and it would be delivered to the recipient as a normal, unsecured message.

However, when using Mimecast’s Secure Email Gateway, you want the securely sent Zivver message to be processed by your mail server and Mimecast. PAMS ensures that the OnSend event in Outlook is still triggered, allowing the securely sent message to be processed by Mimecast.

To prevent the securely sent message from being delivered as a normal, unsecured message, Mimecast needs to submit the message to the Zivver SMTP Gateway.

Implement PAMS in Mimecast Secure Email Gateway

This chapter describes what is needed to implement PAMS in Mimecast Secure Email Gateway. In short, Mimecast needs to filter outbound messages on a custom mail header. When this header is found, the message needs to be submitted to the Zivver SMTP Gateway.

Once received at Zivver’s SMTP Gateway, the message will be processed and securely delivered to the recipients.

In Mimecast, the following two steps need to be performed:

  • A connection to the Zivver SMTP Gateway needs to be made.
  • Outbound messages need to be filtered on a custom mail header.

Depending on the configuration in your mail server, an additional step needs to be performed:

  • Outbound messages need to be filtered on a custom mail header in the mail server.

Create an outbound Delivery Routing definition to connect to the Zivver SMTP Gateway

  1. Log in as a Zivver admin to https://app.zivver.com/organization/mail-submission.
  2. Click Generate to generate SMTP credentials.
  3. Go to your Mimecast Administration Console.
  4. Go to Administration > Gateway > Policies > Delivery Routing - Definitions Button.
  5. A list of policies is displayed. Select or create a new policy.
  6. Enter a description (e.g., Zivver SMTP Server).
  7. For Hostname, enter: smtp.zivver.com.
  8. For Port, enter: 587.
  9. For Enable SMTP Authentication, select Login.
  10. For Username, fill in the username from the generated Zivver SMTP credentials.
  11. For Password, fill in the password from the generated Zivver SMTP credentials.
  12. Click Save and Exit.

Filtering outbound messages on a custom mail header

Three things need to be set up in Mimecast to enable outbound messages to be filtered on a custom mail header used by the Zivver Office Plugin to mark a message to be sent via PAMS:

  • A Content Examination definition.
  • A Content Examination policy.

Create a Content Examination definition:

  1. Go to your Mimecast Administration Console.
  2. Go to Administration > Gateway > Policies.
  3. Go to Content Examination.
  4. Click the Definitions button.
  5. Select the group you want to change.
  6. Click New Content Definition.
  7. Enter a description (e.g., Zivver PAMS).
  8. For Definition Type, select Independent Content Definition.
  9. Set the Activation Score to 1.
  10. For Fuzzy Hash Setting, select Do not use Fuzzy Hash techniques.
  11. For Word / Phrase Match List, enter: 1 “zivver-relay”.
  12. Enable Scan Message Headers.
  13. Enable Enable Inbound and Outbound check.
  14. Select None for Policy Action.
  15. For Delivery Route, select the Delivery Routing definition created in the previous section.
  16. Click Save and Exit.

Create a Content Examination policy:

  1. Go to your Mimecast Administration Console.
  2. Go to Administration > Gateway > Policies > Content Examination.
  3. Click on the name itself.
  4. Select or create a new policy.
  5. Enter a policy narrative (e.g., Zivver PAMS).
  6. Select the Content Examination Definition created previously.
  7. Select Both for Addresses Based On.
  8. Select Everyone for Applies From / To.
  9. Enable the policy.
  10. Click Save and Exit.

Additional change to the mail server

It is likely that there’s a Mail Flow Rule set up in Exchange to relay any externally addressed outbound message to Mimecast. Internally addressed messages usually do not need to be processed by Mimecast.

However, when integrating Zivver with Mimecast, you also want securely sent messages to internal recipients to be processed by Mimecast. Otherwise, these messages are not relayed to Zivver, and the internal recipient will never be part of the secure conversation between the sender and external recipients.

To ensure a securely sent message is always relayed to the Zivver SMTP Gateway, create a Mail Flow Rule that filters any securely sent message to internal recipients.

  1. Go to the Exchange Admin Center.
  2. Go to Mail Flow > Rules.
  3. Add a rule > Create a new rule.
  4. Give it a name (e.g., Routing securely sent internal mail to Zivver).
  5. Under Apply this rule if…, select The message headers….
  6. Click Select one and then select matches these text patterns.
  7. Click on Enter text.
  8. Enter zivver-relay.
  9. Click Save.
  10. Click on Enter words.
  11. Enter ..*. (that is 2 dots, 1 asterisk/wildcard, 1 dot).
  12. Click Add.
  13. Click Save.
  14. Click the + (plus) sign to add a second condition.
  15. Under And, select The sender.
  16. Click Select one and then select is external/internal.
  17. Select Inside the organization.
  18. Click Save.
  19. Under Do the following, select Redirect the message to.
  20. Click Select one and then select the following connector.
  21. Now select the connector used to relay the message to Mimecast.
  22. Click Save.
  23. Click Save.
  24. Ensure this Mail Flow Rule is processed after the rule that relays any externally addressed outbound message to Mimecast.
  25. Enable the Mail Flow Rule when you’re ready.
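
The Mail Flow Rule from the steps above, expressed as Exchange Online PowerShell. This is an added example, not part of the Zivver manual; it assumes Exchange Online with an active Connect-ExchangeOnline session, and the connector name and existing rule name are placeholders to replace with your own.

```powershell
# Added example. Assumption: Exchange Online PowerShell, already connected
# with Connect-ExchangeOnline. The two names below are placeholders.
$mimecastConnector = '<outbound connector that relays to Mimecast>'
$externalRelayRule = '<existing rule that relays external mail to Mimecast>'
$ruleName          = 'Routing securely sent internal mail to Zivver'

# Fail early if the connector or the existing relay rule cannot be found,
# so a typo does not leave a half-configured rule behind.
$connector = Get-OutboundConnector -Identity $mimecastConnector -ErrorAction Stop
$relayRule = Get-TransportRule -Identity $externalRelayRule -ErrorAction Stop

# Steps 4-23: the header "zivver-relay" matches the text pattern "..*.",
# the sender is inside the organization, and the message is redirected to
# the Mimecast connector. The rule is created disabled (step 25 enables it).
New-TransportRule -Name $ruleName `
    -HeaderMatchesMessageHeader 'zivver-relay' `
    -HeaderMatchesPatterns '..*.' `
    -FromScope InOrganization `
    -RouteMessageOutboundConnector $connector.Name `
    -Enabled $false

# Step 24: rules with a lower Priority number are processed first, so the
# new rule must sit below the external relay rule. Moving the new rule to
# the relay rule's current position shifts the relay rule up by one.
$newRule = Get-TransportRule -Identity $ruleName
if ($newRule.Priority -lt $relayRule.Priority) {
    Set-TransportRule -Identity $ruleName -Priority $relayRule.Priority
}

# Review the resulting order and conditions before enabling.
Get-TransportRule |
    Sort-Object Priority |
    Format-Table Priority, Name, State, HeaderMatchesMessageHeader, FromScope

# Step 25: enable the rule when you are ready.
# Enable-TransportRule -Identity $ruleName
```

After enabling, send a secure test message to an internal recipient and confirm in the Exchange message trace that it left through the Mimecast connector.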