Body
Intended Audience: Students, Faculty, and Staff
Summary
Mimecast is Prairie View A&M University’s first line of defense against unwanted email solicitations and malicious phishing attempts. Users receive digest emails three times a day (8:00 AM, 12:00 PM, and 4:00 PM) notifying them of messages placed On Hold. These digests allow you to review and take action on messages directly from your PVAMU email or by logging into the Mimecast Personal Portal. Mimecast protects against phishing, spoofing, spam, and other threats while giving you control over which senders and domains are permitted or blocked.
Problem
Unwanted emails, listserv clutter, and phishing attempts create risks for both inbox security and productivity. Without a filter, harmful or distracting messages overwhelm faculty inboxes, increasing the chance of accidental clicks on malicious links. PVAMU needs a solution that not only filters email but also empowers users to decide what belongs in their inbox.
Solution
Mimecast provides robust security while giving faculty control. It:
-
Drops clear, undeniable spam before delivery (e.g., spoofing attempts, malicious links).
-
Holds questionable messages (e.g., solicitations, newsletters, unfamiliar listservs).
-
Notifies users via daily digest emails at 8:00 AM, 12:00 PM, and 4:00 PM.
From the digest or the Personal Portal, you can choose:
| Action |
Description |
| Release |
Sends the email to your inbox, but future emails from this sender will still be held. |
| Permit |
Delivers the email and adds the sender’s address to your personal Permit list, ensuring future emails bypass Mimecast filtering. |
| Block |
Rejects the email and adds the sender’s address to your personal Block list, preventing future messages. |
Steps
Accessing Mimecast Digest Emails
The digest email is the quickest way to review and control your held messages. It gives you a snapshot of all flagged emails so you can decide what stays blocked and what gets through.
-
Open the Mimecast digest email sent to your PVAMU inbox at 8:00 AM, 12:00 PM, or 4:00 PM.
-
Review the list of messages currently on hold to determine which may be safe or useful.
-
Select the appropriate option (Release, Permit, or Block) for each message to control future delivery.
Messages that Mimecast identifies as clear, undeniable spam (like those attempting to spoof a PVAMU email address maliciously or that contain known, malicious links) will drop before delivery. Mimecast holds solicitations, unwanted listservs, and other types of content, and users receive an email every day at 8 am, 12 pm, and 4 pm with options to release emails they don’t consider spam.
The actions you can perform on a held message are:
| Action |
Description |
| Release |
This will release the current email On Hold to your inbox, but future emails from this sender will still be placed On Hold. |
| Permit |
Delivers the email and adds the sender’s address to your personal Permit list, so future emails are not put On Hold. |
| Block |
This will reject the email and adds the sender’s address to your personal Block list to block future emails from this sender. |
You can complete the above actions from the PVAMU Mimecast digest emails or using your Personal Portal.
You can, however, visit your personal portal and manage your blocked and approved domains in a web interface. Log in with your PVAMU Single Sign On credentials, and complete the Duo authentication.
For detailed instructions, please visit Mimecast’s Message Center guide.
Guides to using Mimecast
Quick Start Guide to Mimecast (PDF)
Managing Your Personal Portal (PDF)
Accessing Your Personal Portal
Your portal allows you to login directly to the mimecast dashboard to manually release your emails, as well as manage your inidividual blocked and permitted lists.
Access Your Personal Portal
Possible Reasons on why your emails are being held:
| Policy |
Description |
| Spam Filter Policy |
This email has been flagged as Spam. This can be due to the email from a bulk email address or contains an unsubscribe or other button. |
| Zip File Attachment |
PVAMU does not allow Zip files. |
| Impersonation Protection |
This is triggered when a user with a PVAMU address uses a personal email address or an external address with the same name to email a PVAMU employee. |
| Suspected Malware |
A malware attachment has been sent to the user and has been removed. |
| Suspicious Message Structure |
The message has a suspicious message. |
| DMARC Fail |
The senders DMARC (used to properly identify the sender) is not configured. |
| Anti Spoof Policy |
Users are sending email from a site that is imitating the PVAMU domain. If this is legitimate Site it must be whitelisted. Please contact the Information Security Team at informationsecurity@pvamu.edu for assistance. |
Frequently Asked Questions
I don’t like the mail filter—it blocks too many messages I need!
- The messages you permit/release in the digests are not blocked, they’re held. Users have full control (and receive notifications twice a day) to release that mail and have 14 days to do so. A lot of the mail that you consider false positives someone else might not. In almost all cases, these false positives are “bulk” mail, the type most people delete immediately upon receiving. CITE received a lot of feedback that the campus receives too much-unwanted mail—at a certain point, cutting down on the amount of junk email the campus gets requires user control and participation. Simply be diligent in permitting domains and senders (use login.mimecast.com to do this in bulk) and the number of false positives you receive will come way down.
If I ignore a held message indefinitely, will Mimecast eventually regard it as outright spam?
- No, Mimecast only holds the message. If you take no action, it will continue to hold messages just like it and not take additional algorithmic action.
How long is a message held?
- Mimecast holds messages for 14 days.
I belong to a listserv that has many recipients and they all are getting held. What do I do?
- Listservs are almost always handled by listserv software, sent by a single IP address or domain. If you permit a single message, it will permit that IP/domain name for future messages.
I tried what you suggested above for my listserv but it didn’t work because each sender of the listserv is from a different domain. What do I do?
- Listserves that behave that way still use a single domain address in the “envelope” of the message. If you permit that domain explicitly, it will fix the issue. If you only click permit for one of the messages in the listserv, it won’t work because you’re only permitting that one person’s domain.
- In the example above, the mailing list and reply to are set to “…@incommon.org.” This is the domain to allow NOT “…@comodoca.com.” To do so: go to login.mimecast.com > log in > click Permitted on the left > and click Add Permitted on the far right. In the pop-up window, add the domain (in this example, “incommon.org”) and click Permit.
Will permitting a domain/IP retroactively release formerly held messages?
- It will not, you would have to release those retroactively.
If I release a message, will it release for the other recipients?
- It will not, the action is per user.
Someone from a PVAMU account sent me an email and it got blocked/held. How did that happen?
- While internal emails go through Mimecast, an email sent from a PVAMU account should not be stopped. If an email from PVAMU is stopped by Mimecast, the sender used a mail server external to PVAMU to send their message (Constant Contact or Mail Chimp for example). Please contact the Information Security Team at informationsecurity@pvamu.edu to request that the domain/IP address you work with be placed on the allow list
I have a folder called “Spam” in my PVAMU Outlook. What’s that?
- That is all mail that made it through Mimecast but Outlook then caught as spam. It is the second layer of spam security. When you mark your mail as Spam in Outlook, you are reporting it to Outlook and not Mimecast, which is a perfectly fine and easy way to report spam.
I have a message that is clearly spam that made it to my Inbox. How did that happen?
- That is a VERY impressive spam message—it got through two of the world’s top spam filters. Someone knows how to write a convincing message! First, verify that it is in fact spam, and then report it (and any other suspicious mail) by forwarding the message to informationsecurity@pvamu.edu.
I have an IP address or domain I need on the allow list. Can you help?
- Please contact the Help Desk to request that the domain/IP address you work with be placed on the allow list. Please know that we reserve the right to deny requests that would risk the security of our email system or pollute it with spam.
We Value Your Feedback
Prairie View A&M University is dedicated to improving the way we serve students, faculty, and staff. If you have suggestions on how we can make this article clearer, more helpful, or easier to follow, we welcome your comments. Your feedback helps us enhance our Knowledge Base and provide better support to the Panther community.