Mimecast is PVAMU's first line of defense against unwanted email solicitations and malicious phishing attempts. You will receive daily emails notifying you of messages which have been held. These emails can be reviewed and acted upon by "Individual PVAMU Email" or via your "Personal Portal."

Messages that Mimecast identifies as clear, undeniable spam (like those attempting to maliciously spoof a PVAMU email address or that contain known, malicious links) will drop before delivery. Solicitations, unwanted listserves, and other types of content are held by Mimecast, and users receive an email every day at 8 am, 12 pm and 4 pm with options to release emails they don’t consider spam.

The actions you can perform on a held message are:

Action Description
Release This will release the current email On Hold to your inbox, but future emails from this sender will still be placed On Hold.
Permit Delivers the email and adds the sender’s address to your personal Permit list, so future emails are not put On Hold.
Block This will reject the email and adds the sender’s address to your personal Block list to block future emails from this sender.

You can complete the above actions from the PVAMU Mimecast digest emails or using your Personal Portal.

You can, however, visit your personal portal and manage your blocked and approved domains in a web interface. Log in with your PVAMU Single Sign On credentials, and complete the Duo authentication.

An image of the Mimecast domain login screen.

For detailed instructions, please visit Mimecast’s Message Center guide.

Guides to using Mimecast

Quick Start Guide to Mimecast (PDF)

Managing Your Personal Portal (PDF)

Accessing Your Personal Portal

Your portal allows you to login directly to the mimecast dashboard to manually release your emails, as well as manage your inidividual blocked and permitted lists.

Access Your Personal Portal

Possible Reasons on why your emails are being held:

Policy Description
Spam Filter Policy This email has been flagged as Spam. This can be due to the email from a bulk email address or contains an unsubscribe or other button.
Zip File Attachment PVAMU does not allow Zip files.
Impersonation Protection This is triggered when a user with a PVAMU address uses a personal email address or an external address with the same name to email a PVAMU employee.
Suspected Malware A malware attachment has been sent to the user and has been removed.
Suspicious Message Structure The message has a suspicious message.
DMARC Fail The senders DMARC (used to properly identify the sender) is not configured.
Anti Spoof Policy Users are sending email from a site that is imitating the PVAMU domain. If this is legitimate Site it must be whitelisted. Please contact the Information Security Team at informationsecurity@pvamu.edu for assistance.

Frequently Asked Questions

I don’t like the mail filter—it blocks too many messages I need!

  • The messages you permit/release in the digests are not blocked, they’re held. Users have full control (and receive notifications twice a day) to release that mail and have 14 days to do so. A lot of the mail that you consider false positives someone else might not. In almost all cases, these false positives are “bulk” mail, the type most people delete immediately upon receiving. CITE received a lot of feedback that the campus receives too much-unwanted mail—at a certain point, cutting down on the amount of junk email the campus gets requires user control and participation. Simply be diligent in permitting domains and senders (use login.mimecast.com to do this in bulk) and the number of false positives you receive will come way down.

If I ignore a held message indefinitely, will Mimecast eventually regard it as outright spam?

  • No, Mimecast only holds the message. If you take no action, it will continue to hold messages just like it and not take additional algorithmic action.

How long is a message held?

  • Mimecast holds messages for 14 days.

I belong to a listserv that has many recipients and they all are getting held. What do I do?

  • Listservs are almost always handled by listserv software, sent by a single IP address or domain. If you permit a single message, it will permit that IP/domain name for future messages.

I tried what you suggested above for my listserv but it didn’t work because each sender of the listserv is from a different domain. What do I do?

  • Listserves that behave that way still use a single domain address in the “envelope” of the message. If you permit that domain explicitly, it will fix the issue. If you only click permit for one of the messages in the listserv, it won’t work because you’re only permitting that one person’s domain.


  • In the example above, the mailing list and reply to are set to “…@incommon.org.” This is the domain to allow NOT “…@comodoca.com.” To do so: go to login.mimecast.com > log in > click Permitted on the left > and click Add Permitted on the far right. In the pop-up window, add the domain (in this example, “incommon.org”) and click Permit.

Image of the Mimecast permission pop-up window.

Will permitting a domain/IP retroactively release formerly held messages?

  • It will not, you would have to release those retroactively.

If I release a message, will it release for the other recipients?

  • It will not, the action is per user.

Someone from a PVAMU account sent me an email and it got blocked/held. How did that happen?

  • While internal emails go through Mimecast, an email sent from a PVAMU account should not be stopped. If an email from PVAMU is stopped by Mimecast, the sender used a mail server external to PVAMU to send their message (Constant Contact or Mail Chimp for example). Please contact the Information Security Team at informationsecurity@pvamu.edu to request that the domain/IP address you work with be placed on the allow list

I have a folder called “Spam” in my PVAMU Outlook. What’s that?

  • That is all mail that made it through Mimecast but Outlook then caught as spam. It is the second layer of spam security. When you mark your mail as Spam in Outlook, you are reporting it to Outlook and not Mimecast, which is a perfectly fine and easy way to report spam.

I have a message that is clearly spam that made it to my Inbox. How did that happen?

  • That is a VERY impressive spam message—it got through two of the world’s top spam filters. Someone knows how to write a convincing message! First, verify that it is in fact spam, and then report it (and any other suspicious mail) by forwarding the message to informationsecurity@pvamu.edu.

I have an IP address or domain I need on the allow list. Can you help?

  • Please contact the Help Desk to request that the domain/IP address you work with be placed on the allow list. Please know that we reserve the right to deny requests that would risk the security of our email system or pollute it with spam.
Print Article


Article ID: 508
Wed 9/1/21 3:04 PM
Tue 12/6/22 10:49 AM