The University’s email security system (Mimecast) is designed to intercept dangerous messages and increase our protection against spam and phishing attacks.
The email security system (Mimecast) filters emails before they arrive in your inbox. It carries out the following checks:
If it thinks something is dangerous, it won't deliver that email, and instead your email will be 'held' for review.
Spam, phishing, ransomware and other email security issues are significant threats to institutions like Sussex. These attacks are often clever and well-coordinated, making it difficult to find protection which isn't too invasive or disruptive. Mimecast has been chosen as the best solution to protect our students, staff and researchers.
Mimecast carries out a number of checks on incoming mail and will put a hold/block on any mail that fails the checks. The most common causes for this are:
You’ll know one of your emails is being held when:
You can log in to the and see your list of held messages.
You will receive up an email when any messages have been held for review and instructions on how to release it. If you think one of these held items is genuine, click on the relevant link in the digest and that message will be released to your inbox. You can also login to the .
You will have three options for each held message:
Held messages will be deleted after 14 days if you don’t release them.
Some messages can only be released by an administrator – this will be stated in the Mimecast block notification. If you require an Administrator to release an email or attachment please log a ticket via the IT Service Desk and include a copy of the relevant notification from Mimecast.
If you use Outlook on a ßÏßÏÊÓƵ PC, you'll see a tab called Mimecast. This tab allows you to:
If you use a ßÏßÏÊÓƵ PC, you'll find the plugin installed in Outlook. If you don't see it please log in to your Mimecast Personal Portal using the button on the right. This will give you the same options as the Windows plugin for Outlook.
If an email you receive contains a link to a website, the security system will re-write the URL.
If you hover over a link in an email, you might see a URL that begins with https://protect-eu.mimecast.com and ends with domain= followed by the original URL of your link.
For example, a link to bbc.com would become https://protect-eu.mimecast.com/s253462825?domain=bbc.com
If you see a URL like this, it isn't a phishing attack, it's just the security system trying to keep you safe. You should still look out for suspicious URLs that don't follow this format.
Clicking on the link will work as normal. If the system thinks that the web page is dangerous, you'll see a warning message when you follow the link.
Whilst the majority of blocked emails are legitimate there may be times when the filters consistently block genuine messages. There are a few things you may want to consider:
As a general rule we would not consider adjusting our policies to accomodate an address as this leaves us at risk if the sender account is compromised. However, if there is a legitimate business need could consider bypassing selected policies if this is deemed appropriate and would not pose any significant risk to do so.
Please complete the log a request with the IT Service Desk with details of the mail address you would like us to consider.
Check messages that have been held or blocked.
Use your ßÏßÏÊÓƵ username followed by @sussex.ac.uk (eg, ano123@sussex.ac.uk) and your ßÏßÏÊÓƵ password.
Updated on 8 October 2024