1. Information
Case Number: 01260956
Mimecast ID: 02-0092-00409
2. Questions
Questions for Sam McDonald.
-
Held Messages: DNS Authentication: DMARC Fail: expertisefrance.fr, Permit for Recipient
-
Held Messages: DNS Authentication: DMARC Fail: mark@shtzmy.com, Permit for Recipient
-
Custom Monthly Report: Email Statistics: November 2024
-
Total Inbound Email: 22,652
-
Legit Inbound Email: 14,477
-
Total Outbound Email: 7,549. This includes journaling emails? No.
-
-
Gateway > Authorized Outbounds
-
Authorised IP Address 3, smru-sfw-tst.dyndns.org, 32 ?
-
But one day later we received the email anyway: Received: 2024-12-04 19:52, Sent: 2024-12-03 14:50
-
-
Email Security Cloud Gateway - Permitted Senders Policy - Configuration
-
Mimecast - API: "fail":[{"key":{"subject":"Hello World","from":{"emailAddress":"alice@shoklo-unit.com","displayableName":"Alice"},"to":[{"emailAddress":"smru-it@shoklo-unit.com","displayableName":"SMRU-IT"}]},"errors":[{"field":"from","code":"err_mail_from_is_not_permitted_address","message":"From is not in the permitted addresses (primary, alias and alternates) ","retryable":false}]}]}
-
Mimecast for Outlook: See https://community.mimecast.com/s/article/end-user-applications-mimecast-for-outlook-authentication.
-
Set up DKIM.
-
Cleanup Internal Directories.
3. Email Security Setup Wizard
3.1. Steps involved
-
Account
-
Emergency Contact
-
Mail Infrastructure
-
Validate Domain
-
Delivery Routing
-
Directory Integration
-
-
Outbound Mail
-
SPF Record
-
Mail Routing
-
Journaling
-
Forwarding
-
-
Inbound Mail
-
Anti-Spoofing
-
MX Records
-
-
Summary
3.2. Choose Password
-
Browse to https://login-uk.mimecast.com/u/login/?gta=onboarding.
-
Type
admin@cuk92a409.mimecast.onboardingfor the Email Address. -
Click Next.
-
Type the Password stored in KeePass Password Manager.
-
Click Log In.
-
Type
088 273 3598for the mobile phone number. -
Type the 6-digit verification code that was sent to the 088 273 3598 mobile phone.
-
Click Verify.
-
Create a Mimecast entry in the KeePass Password Manager.
-
Type
admin@cuk92a409.mimecast.onboardingfor the User name. -
Type the new password in the Password field.
-
-
Type the old password in the Old Password field.
-
Type the new password in the Password field.
-
Type the new password in the Confirm Password field.
-
Click Set Password.
3.3. Account - Emergency Contact
-
Type
SMRU ITfor the Name. -
Type
smru-it@shoklo-unit.comfor the Email address. -
Type
+66882733589for the Mobile number.
3.4. Account - Mail Infrastructure
-
Select Microsoft 365 for the Mail Infrastructure.
-
Click Next.
-
Type
tbhf.onmicrosoft.comfor the tenant domain.Microsoft 365 admin center
-
Log in to Microsoft 365 admin center and add a custom TXT DNS record for the tbhf.onmicrosoft.com domain.
-
Select Settings > Domains.
-
Select the tbhf.onmicrosoft.com domain.
-
Select the DNS records tab.
-
Click Add record.
-
Select TXT (Text) for the Type.
-
Type
@for the TXT name. -
Type
0ed1fe018ae81d151a810a4007bd9af721b6c02a4ffor the TXT value. -
Select 1 Hour for the TTL.
-
-
-
Click Validate.
-
Click Next.
3.5. Account - Validate Domain
-
Choose TXT.
-
Type
bhf-th.orgfor the domain. -
Click Update.
Lonex Control Panel
-
Log in to Lonex Control Panel and add a custom TXT DNS record for the bhf-th.org domain.
-
Select My Domains > DNS Records.
-
Select bhf-th.org for the domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select bhf-th.org for the domain.
-
Select TXT for the Type.
-
Type
0ed1fe018aff07cc27ee244f1bbf9725a068fc8648for the Value. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
-
-
Click Validate.
-
Click Add Additional Domain.
-
Choose TXT.
-
Type
shoklo-unit.comfor the domain. -
Click Update.
Lonex Control Panel
-
Log in to Lonex Control Panel and add a custom TXT DNS record for the shoklo-unit.com domain.
-
Select My Domains > DNS Records.
-
Select shoklo-unit.com for the domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select shoklo-unit.com for the domain.
-
Select TXT for the Type.
-
Type
0ed1fe018acfcd3b614a2745be9861bdfa449a5cfdfor the Value. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
-
-
Click Validate.
-
Click Next.
3.6. Account - Delivery Routing
-
Browse to https://community.mimecast.com/s/article/email-security-cloud-gateway-data-centers-and-urls.
-
Select the Europe (Exclusing Germany) region.
-
Copy and paste all the CIDR IP ranges in the Connection Filtering Policy in Microsoft 365 admin center.
-
See below.
Microsoft 365 admin center
-
Log in to Microsoft 365 admin center and add the Mimecast service IP ranges to the allowed list in Connection Filtering Policy.
-
Select Admin centers > Security.
-
Select Email & collaboration > Policies & rules.
-
Select Threat policies.
-
Select Policies > Anti-spam.
-
Select Connection filter policy.
-
Select Edit description.
-
Type
Mimecastin the Description field. -
Click Save.
-
Select Edit connection filter policy.
-
Add the following 10 IP addresses as at 2025-06-04 for Europe (Excluding Germany) that can be found at Administration - Data Centers & URLs in the Always allow messages from the following IP addresses or address range field.
193.7.204.0/24,193.7.205.0/24,195.130.217.0/24,91.220.42.0/24,185.58.84.0/24,185.58.85.0/24,185.58.86.0/24,185.58.87.0/24,207.82.80.0/24,146.101.78.0/24
-
-
Leave the Always block messages from the following IP addresses or address range field empty.
-
Uncheck Turn on safe list.
-
Click Save.
-
Click Cancel.
-
-
Type
bhfth-org0i.mail.protection.outlook.comfor the Hostname or IP*. -
Type
25in the Port field. -
Click Check.
-
Click Next.
-
Todo: Type
shoklounit-com01e.mail.protection.outlook.comfor the Hostname or IP*. -
Todo: Type
25in the Port field. -
Todo: Click Check.
-
Todo: Click Next.
3.7. Account - Directory Integration
-
Click Skip to skip Directory Integration.
3.8. Outbound Mail - SPF Record
-
Note: When an SPF record includes ~all (softfail qualifier), receiving servers typically accept messages from senders that aren’t in your SPF record, but mark them as suspicious.
-
Note: When an SPF record includes -all (fail qualifier), receiving servers may reject messages from senders that aren’t in your SPF record.
-
Choose Outbound Mail.
-
Click Next.
Lonex Control Panel
-
Log in to Lonex Control Panel and modify the existing SPF record for the bhf-th.org domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Click inside the bhf-th.org | TXT (Custom) | v=spf1 include:spf.protection.outlook.com -all Value field.
-
Insert include:eu._netblocks.mimecast.com after v=spf1, making sure the sections are separated by a space.
-
Click bhf-th.org | TXT (Custom) | v=spf1 include:eu._netblocks.mimecast.com include:spf.protection.outlook.com -all | Modify.
-
Lonex Control Panel
-
Log in to Lonex Control Panel and modify the existing SPF record for the shoklo-unit.com domain.
-
Select My Domains > DNS Records.
-
Select the shoklo-unit.com domain.
-
Click inside the shoklo-unit.com | TXT (Custom) | v=spf1 ip4:110.77.148.10 include:spf.protection.outlook.com ~all Value field.
-
Insert include:eu._netblocks.mimecast.com after v=spf1, making sure the sections are separated by a space.
-
Click shoklo-unit.com | TXT (Custom) | v=spf1 include:eu._netblocks.mimecast.com ip4:110.77.148.10 include:spf.protection.outlook.com ~all | Modify.
-
-
-
Select bhf-th.org for the Domain.
-
Click Verify SPF Record.
-
Select shoklo-unit.com for the Domain.
-
Click Verify SPF Record.
-
Click Next.
3.9. Outbound Mail - Mail Routing
-
Click Next.
-
Copy and paste the 2 smart hosts from the Europe (excluding Germany) region in a new Connnector in Exchange admin center.
-
See below.
Exchange admin center
-
Log in to Exchange admin center and add a connector.
-
Select Mail flow | Connectors.
-
Click Add a connector.
-
Choose Connection from | Office 365.
-
Choose Connection to | Partner organization.
-
Click Next.
-
Type
Mimecastfor the Name. -
Type
Mimecastfor the Description. -
Check Turn it on.
-
Click Next.
-
Choose Only when email messages are sent to these domains.
-
Type
*and click the + button. -
Click Next.
-
Choose Route email through these smart hosts.
-
Type
eu-smtp-o365-outbound-1.mimecast.comand click the + button. -
Type
eu-smtp-o365-outbound-2.mimecast.comand click the + button. -
Click Next.
-
Check Always use Transport Layer Security (TLS) to secure the connection (recommended).
-
Choose Issued by a trusted certificate authority (CA).
-
Uncheck Add the subject name or subject alternative name (SAN) matches this domain name.
-
Click Next.
-
Type
smru-it@tropmedres.acand click the + button. -
Click Validate.
-
Click Next.
-
Review connectorMail flow scenario From: Office 365 To: Partner organization Name Mimecast Status Turn it on after saving Use of connector Use only for email sent to these domains: {asterisk} Routing Route email messages through these smart hosts: eu-smtp-o365-outbound-1.mimecast.com,eu-smtp-o365-outbound-2.mimecast.com Security restrictions Always use Transport Layer Security (TLS) and connect only if the recipient's email server certificate is issued by a trusted certificate authority (CA).-
Click Create connector.
-
Click Done.
-
-
Click Next.
3.10. Outbound Mail - Journaling
-
Click Skip to skip Journaling.
3.11. Outbound Mail - Forwarding
-
Click Skip to skip Forwarding.
3.12. Inbound Mail - Anti-Spoofing
-
Click Skip to skip Anti-Spoofing.
3.13. Inbound Mail - MX Records
-
Click Next.
Pref Hostname 10 eu-smtp-inbound-1.mimecast.com 10 eu-smtp-inbound-2.mimecast.com
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the bhf-th.org domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Set the Priority of the www.bhf-th.org | MX | bhfth-org0i.mail.protection.outlook.com | 0 | 1800 MX record to 20.
-
Set the Priority of the www.bhf-th.org | MX (Custom) | bhfth-org0i.mail.protection.outlook.com | 0 | 1800 MX record to 20.
-
Click www.bhf-th.org | MX | bhfth-org0i.mail.protection.outlook.com | 20 | 1800 | Modify
-
Click www.bhf-th.org | MX (Custom) | bhfth-org0i.mail.protection.outlook.com | 20 | 1800 | Modify
-
Todo: Click www.bhf-th.org | MX | bhfth-org0i.mail.protection.outlook.com | 20 | 1800 | Delete
-
Todo: Click www.bhf-th.org | MX (Custom) | bhfth-org0i.mail.protection.outlook.com | 20 | 1800 | Delete
-
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the shoklo-unit.com domain.
-
Select My Domains > DNS Records.
-
Select the shoklo-unit.com-th.org domain.
-
Set the Priority of the www.shoklo-unit.com | MX | shoklounit-com01e.mail.protection.outlook.com | 0 | 1800 MX record to 20.
-
Set the Priority of the www.shoklo-unit.com | MX (Custom) | shoklounit-com01e.mail.protection.outlook.com | 0 | 1800 MX record to 20.
-
Click www.shoklo-unit.com | MX | shoklounit-com01e.mail.protection.outlook.com | 20 | 1800 | Modify
-
Click www.shoklo-unit.com | MX (Custom) | shoklounit-com01e.mail.protection.outlook.com | 20 | 1800 | Modify
-
Todo: Click www.shoklo-unit.com | MX | shoklounit-com01e.mail.protection.outlook.com | 20 | 1800 | Delete
-
Todo: Click www.shoklo-unit.com | MX (Custom) | shoklounit-com01e.mail.protection.outlook.com | 20 | 1800 | Delete
-
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the bhf-th.org domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select bhf-th.org for the domain.
-
Select MX for the Type.
-
Type
eu-smtp-inbound-1.mimecast.comfor the Value. -
Type
10for the Priority. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the bhf-th.org domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select bhf-th.org for the domain.
-
Select MX for the Type.
-
Type
eu-smtp-inbound-2.mimecast.comfor the Value. -
Type
10for the Priority. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the shoklo-unit.com domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select shoklo-unit.com for the domain.
-
Select MX for the Type.
-
Type
eu-smtp-inbound-1.mimecast.comfor the Value. -
Type
10for the Priority. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
Lonex Control Panel
-
Log in to Lonex Control Panel and add an MX record for the shoklo-unit.com domain.
-
Select My Domains > DNS Records.
-
Select the bhf-th.org domain.
-
Click ADD A NEW RECORD.
-
Leave the Hostname empty.
-
Select shoklo-unit.com for the domain.
-
Select MX for the Type.
-
Type
eu-smtp-inbound-2.mimecast.comfor the Value. -
Type
10for the Priority. -
Type
3600for the TTL. -
Uncheck Enable GeoIP.
-
Click Add a New Record.
-
-
-
Select bhf-th.org for the Domain.
-
Click Verify MX Record.
Warning notification The requested Mimecast MX entries have been located but the domain also still holds other MX entries within DNS. We recommend that you remove these other MX entries.
-
Select shoklo-unit.com for the Domain.
-
Click Verify MX Record.
Warning notification The requested Mimecast MX entries have been located but the domain also still holds other MX entries within DNS. We recommend that you remove these other MX entries.
-
Click Next.
3.14. Summary
Great Job! You have input your information and set up your inbound and outbound mail flow for the domain you validated. If you need to edit the information you entered, please contact Mimecast Professional Services. You can do this either by responding to your initial implementation email or accessing your implementation case on the Support Hub. https://community.mimecast.com/s/contactsupport
Account
Emergency Contact SMRU IT
Email smru-it@shoklo-unit.com
Mobile +66882733589
Infrastructure Microsoft 365
Tenant Domain tbhf.onmicrosoft.com
Validated Domain 2 Domains added
bhf-th.org
shoklo-unit.com
Hostname or IP bhfth-org0i.mail.protection.outlook.com
Port 25
Directory Integration Skipped
Outbound Mail
SPF Record v=spf1 include:eu._netblocks.mimecast.com ~all
Journaling Skipped
Forwarding Skipped
Inbound Mail
Anti-Spoofing Skipped
MX Record Pref 10 Hostname: eu-smtp-inbound-1.mimecast.com
MX Record Pref 10 Hostname: eu-smtp-inbound-2.mimecast.com
-
Click Finish.
4. Sign In
-
Manually: Browse to Mimecast Administration Console.
-
Douwe: Type
douwe@shoklo-unit.comin the Email Address field anc click Next. -
Lookpla: Type
unchuleeporn@shoklo-unit.comin the Email Address field anc click Next. -
Tao: Type
chanchai@bhf-th.orgin the Email Address field anc click Next. -
Type the Mimecast user password in the Password field anc click Log In.
-
Type the 6-digit mfa code in the Verification code field anc click Log In.
-
-
Automated: Type
mfaat a Command Prompt and select Mimecast Administration Console.
5. Sign Out
-
Select the User Profile icon at the top right corner.
-
Select Log Out.
6. User Profile
-
Select the User Profile icon at the top right corner.
-
Select Preferences.
-
Enable Early Access.
-
Click Apply.
-
Not working !!!
7. Configure Authorized Outbounds
-
Note: Only Mimecast can add entries for Authorized Outbounds.
-
Note: The 110.77.143.112/29 public IP address range has been added by Mimecast.
-
Note: The 110.77.148.10/32 public IP address has been added by Mimecast.
-
This allows emails from Mae Ramat office to be sent directly to Mimecast.
-
Select Gateway > Authorized Outbounds.
Entry Narrative IP Address Mask Authorised IP Address 110.77.143.112 29 Authorised IP Address 2 110.77.148.10 32
8. Configure Anti-Spoofing
-
Select Gateway > Policies.
-
Select Anti-Spoofing.
-
Select New Policy.
Policy Narrative Default Anti-Spoofing IP Allow Policy Select Option Take no action Addresses Based On Both Applies From Everyone Specifically Applies to all Senders Applies To Everyone Specifically Applies to all Recipients Set policy as perpetual Always On Policy Override + Source IP Ranges 110.77.143.112/29 110.77.148.10/32 -
Click Save and Exit.
From To Policy - Start End - Narrative Everyone Internal Unidirectional Policy Take no action Override - Eternal Policy is ACTIVE Default Anti-Spoofing IP Allow Policy Internal Internal Unidirectional Policy Apply Anti-Spoofing (Exclude Mimecast IPs) - Eternal Policy is ACTIVE Default Anti-Spoofing Policy
9. Configure Attachment Management
-
Note: Prevent Default Attachment Management Definition - Block Dangerous File Types messages showing up in Message Center > Held Messages > Overview.
-
Select Gateway > Policies.
-
Select Attachment Management.
-
Select Default Attachment Management Definition - Block Dangerous File Types.
-
Select Validity | Enable / Disable | Disable.
-
Click Save and Exit.
10. Configure URL Protection
-
Note: Prevent Default Outbound URL Protect Definition messages showing up in Message Center > Held Messages > Overview.
-
Select Gateway > Policies.
-
Select URL Protection.
-
Select Default Outbound URL Protect Definition.
-
Select Validity | Enable / Disable | Disable.
-
Click Save and Exit.
11. Configure Authentication Profile
-
Select Services > Applications.
-
Click Authentication Profiles.
-
Click New Authentication Profile.
Description Authentication Profile for Authorized Outbounds Allow Cloud Authentication Allow Always Pasword Reset Options Not Allowed Domain Authentication Mechanisms None 2-Step Authentication None Authentication TTL 3 days
-
Click Save and Exit.
-
Select Services > Applications.
-
Click New Application Settings.
-
Click Group | Lookup.
-
Select Local Groups > Root > Permitted Senders.
-
Click Authentication Profile | Lookup.
-
Select Select Authentication Profile for Authorized Outbounds.
-
Click Mimecast for Outlook Branding | Lookup.
-
Select ???.
Description Application Settings for Authorized Outbounds Group Permitted senders Authentication Profile Authentication Profile for Authorized Outbounds User Initiated Password Changes + Mimecast for Outlook Branding
-
Click Save and Exit.
12. Configure AD Sync Connector
-
Select Services > Connectors.
-
Select the Cloud Connectors tab.
-
Click Create Connector.
-
Choose Directory Synchronization.
-
Click Next.
-
Select Microsoft Azure - Standard.
-
Click Next.
Microsoft 365 admin center
-
Click Log In to grant Mimecast permissions to Microsoft Azure - Standard.
-
Select the BHF IT Admin (bhf@tbhf.onmicrosoft.com) account.
-
Click Accept to accept the ??? app.
-
-
-
Wait for Permissions granted to be shown.
-
Click Next.
-
Type
Active Directory Sync Connectorfor the Name. -
Leave the Description field empty.
-
Click Next.
Product Directory Synchronization Provider Microsoft Azure - Standard Authentication Permissions granted Name Active Directory Sync Connector Description -
-
Click Create Connector.
13. Configure Journal Connector
-
Select Services > Connectors.
-
Select the Cloud Connectors tab.
-
Click Create Connector.
-
Choose O365 - SimplyMigrate - archived mailbox / EWS support.
-
Click Next.
-
Select Microsoft O365.
-
Click Next.
Microsoft 365 admin center
-
Click Log In to grant Mimecast permissions to Microsft O365.
-
Select the BHF IT Admin (bhf@tbhf.onmicrosoft.com) account.
-
Click Accept to accept the Mimecast O365 Archive Simply Migrate UK 1 app.
-
-
-
Wait for Permissions granted to be shown.
-
Click Next.
-
Type
Mimecast Journal Connectorfor the Name. -
Leave the Description field empty.
-
Click Next.
Product O365 - SimplyMigrate - archived mailbox / EWS support Provider Microsoft O365 Authentication Permissions granted Name Mimecast Journal Connector Description -
-
Click Create Connector.
14. Configure Journaling Service
-
Select Services > Journaling.
-
Click New Journal Service Definition.
Description SMTP Journal Connector Transport Type SMTP Service Email Address journaling@journal.bhf-th.org Journal Type Exchange Envelope Journal Format Encrypted +
-
Click Save and Exit.
Description Enabled Journal Email Adress Hostname / IP Transport Type Processing Queue POP3 Mailbox Queue Service Status SMTP Journal Connector + journaling@journal.bhf-th.org [] SMTP EEJ 0 N/A OK
15. Powershell
-
Select Directories > Profile Groups.
-
???
-
Select Directories > Internal Directories.
-
Select @shoklo-unit.com.
-
Select powershell@shoklo-unit.com.
-
Check Password Never Expires.
-
Check Allow SMTP Email Submission.
-
Click Save and Exit.
-
Enter the following commands at a Command Prompt with administrative privileges.
Send-SecureEmail -From powershell@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer eu-smtp-outbound-1.mimecast.com -Port 587 -UseSsl:$True # WORKS, 2024-10-01 Send-SecureEmail -From apc99@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer eu-smtp-outbound-1.mimecast.com -Port 587 -UseSsl:$True # WORKS, 2024-10-01 Send-SecureEmail -From powershell@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer eu-smtp-outbound-1.mimecast.com # WORKS, 2024-10-01 Send-SecureEmail -From apc99@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer eu-smtp-outbound-1.mimecast.com # WORKS, 2024-10-01 Send-InsecureEmail -From powershell@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer 10.10.1.170 # WORKS, 2024-10-01 Send-InsecureEmail -From apc99@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer 10.10.1.170 # WORKS, 2024-10-01 # Make sure to prevent the "The remote certificate is invalid according to the validation procedure" error. # 1) Make sure that the Self-Signed Root certificate is installed on the computer. # TBHFWS-IT01: certlm.msc Certificates - Local Computer > Trusted Root Certificate Authorities > Certificates: @SMRU Root CA # 2) Make sure that the SMRU Sophos Firewall certificate is selected on the Sophos firewall. # SMRU-SFW-MRM: PROTECT > Email > General settings > SMTP TLS configuration > TLS Certificate: @SMRU-Sophos-Firewall Send-SecureEmail -From powershell@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer 10.10.1.170 # WORKS, 2024-10-02 Send-SecureEmail -From apc99@shoklo-unit.com -To douwe@shoklo-unit.com -SmtpServer 10.10.1.170 # WORKS, 2024-10-02 $Username = "powershell@shoklo-unit.com" $Password = ConvertTo-SecureString -AsPlainText -Force -String 'TopSecretMailBox!00' $Credential = New-Object System.Management.Automation.PSCredential($Username, $Password) Send-SecureEmail -Credential $Credential -From apc57@shoklo-unit.com -To douwe@shoklo-unit.com -Subject "Test Spoofed Email using powershell@shoklo-unot.com" -SmtpServer eu-smtp-outbound-1.mimecast.com $Username = "relay@shoklo-unit.com" $Password = ConvertTo-SecureString -AsPlainText -Force -String '2iEb6re4LL!!' $Credential = New-Object System.Management.Automation.PSCredential($Username, $Password) Send-SecureEmail -Credential $Credential -From apc57@shoklo-unit.com -To douwe@shoklo-unit.com -Subject "Test Spoofed Email using relay@shoklo-unot.com" -SmtpServer eu-smtp-outbound-1.mimecast.com
16. API
16.1. Mimecast Administration Console
-
Select Account > Roles.
-
Click New Role.
Role Name Mimecast API Role Description Needed for POST /api/email/send-email endpoint Cannot manage Roles * Manage Application Roles . Account Menu Dashboard Read + Edit + Service Monitor - Gateway Menu - Services Menu - Archive Menu - Directories Menu - Stationary Menu - Monitoring Menu - Reports Menu - Awareness Training - BYO Threat Intelligence Menu - SIEM Menu - Event Streaming Service - Security Events and Data Retrieval - Multi Account Controls Menu - Custom Header Policy - More Products - Analysis and Response Home - Integrations Marketplace - -
Click Save and Exit.
-
Select Services > API and Platform Integrations.
-
Select the Available Integrations tab.
-
Click Mimecast API 2.0 | Generate Keys.
-
Check I accept.
-
Click Next.
Application Name PowerShell Category Email / Archiving Products Email Security Cloud Gateway Application Role Mimecast API Role Description Send automated emails to smru-it@shoklo-unit.com using Mimecast API 2.0
-
Click Next.
Technical Point of Contact IT Helpdesk Email smru-it@shoklo-unit.com
-
Click Next.
-
Click Add and Generate Keys.
-
Copy the Client Id and Client Secret and store in the KeePassXC Password Manager.
-
Click Close.
-
Select Account > Roles.
-
Select API Application: PowerShell.
-
Click Go Back.
16.2. Information
16.2.1. API Documentation
When setting the message body in a request you can use either the "id" or "content" parameters. Do not use both. Use the "content" parameter for short messages where the total content length of the request is less than 5 MB. 5 MB is the maximum content length allowed by the API function. Recommended: If you want to send a longer message body and for a more consistent experience, use the "id" parameter to set the message body to a file that has previously been uploaded to Mimecast using the /api/file/file-upload function.
-
Mimecast API 1.0
-
Mimecast API 2.0
16.2.2. From Address
You need to send from the service address associated to the 2.0 application in Mimecast. This address holds a basic admin role. The address is api-77fdda1b-2c30-46b2-818a-a807c92cb49a@shoklo-unit.com.
Alternatively, if you would like to send from a different address, assign that address to be an alias for api-77fdda1b-2c30-46b2-818a-a807c92cb49a@shoklo-unit.com.
To create an alias address, navigate to the address in the internal directories that you want to send mail from for this API. Click into that address and you’ll see a box that says "Address Alias For". Click "Lookup" and select api-77fdda1b-2c30-46b2-818a-a807c92cb49a@shoklo-unit.com.
-
Open Mimecast Administration Console.
-
Select Directories > Internal Directories.
-
Select @shoklo-unit.com.
-
Select powershell@shoklo-unit.com.
-
Click Address Alias For | Lookup.
-
Select api-77fdda1b-2c30-46b2-818a-a807c92cb49a@shoklo-unit.com.
-
Click Save and Exit.
-
Select the User Profile icon at the top right corner.
-
Select Log out.
Note: It may take some time for the change to take effect.
16.3. Bash
-
Log in as smru on tbhf-ops-mrm.
-
Enter the following commands at a Command Line with root privileges.
file="/root/.Mimecast-API.crd" username="$(grep username "${file}" | sed s/^username=//)" password="$(grep password "${file}" | sed s/^password=//)" # Get token. baseuri="https://api.services.mimecast.com" response="$(curl \ --data-urlencode "client_id=${username}" \ --data-urlencode "client_secret=${password}" \ --data-urlencode "grant_type=client_credentials" \ --header "Content-Type: application/x-www-form-urlencoded" \ --location \ --request POST \ --silent \ "${baseuri}/oauth/token" \ )" token="$(echo ${response} | sed -e "s/\",.*$//" | sed -e "s/^.*\"//")" # Send to single recipient. data="{'data': [ { 'plainBody':{ 'id':'47', 'content':'Hello World' }, 'subject':'Hello World', 'to': [ { 'displayableName':'SMRU-IT', 'emailAddress':'smru-it@shoklo-unit.com' } ] } ] }" # Send to multiple recipients. data="{ 'data': [ { 'plainBody': { 'id': '99', 'content': 'Testing mail to multiple users using curl with Mimecast API' }, 'subject': 'Testing mail to multiple users using curl', 'to': [ { 'displayableName': 'Seeminthu', 'emailAddress': 'seeminthu@bhf-th.org' }, { 'displayableName': 'Douwe', 'emailAddress': 'douwe@shoklo-unit.com' } ] } ] }" # See https://developer.services.mimecast.com/docs/cloudgateway/1/routes/api/file/file-upload/post # See https://integrations.mimecast.com/documentation/endpoint-reference/email/file-upload # See https://stackoverflow.com/questions/64250379/mimecast-api-send-attachment # See https://developer.services.mimecast.com/api-1-0-to-2-0-migration-guide response="$(curl \ --compressed \ --header "Authorization: Bearer ${token}" \ --header "Accept: application/json" \ --request POST \ --silent \ "${baseuri}/api/file/file-upload" \ )" echo "${response}" # Send with an attachment (text file). # Send with an attachment (binary file). # See https://developer.services.mimecast.com/docs/cloudgateway/1/routes/api/file/file-upload/post # See https://developer.services.mimecast.com/docs/cloudgateway/1/routes/api/email/send-email/post file="/etc/hosts" #file="/usr/bin/bdftruncate" basename="$(basename "${file}")" size="$(stat --printf="%s" "${file}")" content="$(cat "${file}")" content="$(base64 $file)" data="{'data': [ { 'attachments': [ { 'size':${size}, 'filename':'${basename}', 'content':'${content}', 'contentDisposition':'attachment; filename=${basename}', 'contentTransferEncoding':'base64', 'contentType':'application/octet-stream; name=${basename}', 'id':'53' } ], 'plainBody':{ 'id':'47', 'content':'Hello World' }, 'subject':'Hello World with attachment', 'to': [ { 'displayableName':'Douwe', 'emailAddress':'douwe@shoklo-unit.com' } ] } ] }" response="$(curl \ --compressed \ --data "${data}" \ --header "Authorization: Bearer ${token}" \ --header "Accept: application/json" \ --header "Content-Type: application/json" \ --request POST \ --silent \ "${baseuri}/api/email/send-email" \ )" echo "${response}"
16.4. PowerShell
-
Enter the following commands at a PowerShell Command Prompt with administrative privileges.
$BaseUri = "https://api.services.mimecast.com" $Credentials = Receive-Credentials "Mimecast-API" $Username = $Credentials.GetNetworkCredential().Username $Password = $Credentials.GetNetworkCredential().Password # Get token. $Body = "client_id=$Username&client_secret=$Password&grant_type=client_credentials" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Content-Type", "application/x-www-form-urlencoded") $Method = "POST" $Uri = "$BaseUri/oauth/token" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Token = $Response.access_token$From = "apc77@shoklo-unit.com" # Send to single recipient. $Body = "{'data': [ { 'plainBody': { 'id': '47', 'content': 'Hello World' }, 'subject': 'Hello World', 'to': [ { 'displayableName': 'SMRU-IT', 'emailAddress': 'smru-it@shoklo-unit.com' } ] } ] }" # Send to multiple recipients. $Body = "{'data': [ { 'plainBody': { 'id': '99', 'content': 'Testing mail to multiple users using PowerShell with Mimecast API' }, 'subject': 'Testing mail to multiple users using PowerShell', 'froom': $From, 'to': [ { 'displayableName': 'Seeminthu', 'emailAddress': 'seeminthu@bhf-th.org' }, { 'displayableName': 'Douwe', 'emailAddress': 'douwe@shoklo-unit.com' } ] } ] }" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Authorization", "Bearer $Token") $Headers.Add("Accept", "application/json") $Headers.Add("Content-Type", "application/json") $Uri = "$BaseUri/api/email/send-email" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Response $Response.fail# Send with attachment less than 5 MB. # Note: When the content contains one or more single quotes, it fails with an "Invalid payload" error message. $Path = "${Env:SystemRoot}\System32\drivers\etc\hosts" #$Path = "${Env:SystemRoot}\System32\drivers\etc\hosts.tst" $Name = (Get-Item $Path).Name $Size = (Get-Item $Path).Length $Content = Get-Content -Path $Path -Raw $Content = Get-Content -Encoding "Byte" -Path $Path -Raw # PowerShell 5.1. $Content = "aaa bbb 127.0.0.1 ccc" $Content = "aaa bbb 127.0.0.1 ccc`r`nddd" #$Text = 'This is a secret and should be hidden' #$Bytes = [System.Text.Encoding]::Unicode.GetBytes($Text) $Bytes = Get-Content -Encoding "Byte" -Path $Path -Raw # PowerShell 5.1. $Content = [Convert]::ToBase64String($Bytes) #$Content $Body = "{'data': [ { 'attachments': [ { 'content': '$Content', 'filename': '$Name', 'size': $Size } ], 'plainBody': { 'id': '53', 'content': 'Hello World' }, 'subject': 'Hello World', 'to': [ { 'displayableName': 'SMRU-IT', 'emailAddress': 'smru-it@shoklo-unit.com' } ] } ] }" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Authorization", "Bearer $Token") $Headers.Add("Accept", "application/json") $Headers.Add("Content-Type", "application/json") $Uri = "$BaseUri/api/email/send-email" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Response $Response.fail# Send with attachment greater than 5 MB. $Path = "${Env:SystemRoot}\System32\drivers\etc\hosts" $Name = (Get-Item $Path).Name $Size = (Get-Item $Path).Length $FileHash = Get-FileHash -Path $Path <# #Generate request header values #$hdrDate = (Get-Date).ToUniversalTime().ToString("ddd, dd MMM yyyy HH:mm:ss UTC") #$requestId = [guid]::NewGuid().guid #Create the HMAC SHA1 of the Base64 decoded secret key for the Authorization header $sha = New-Object System.Security.Cryptography.HMACSHA1 $sha.key = [Convert]::FromBase64String($secretKey) $sig = $sha.ComputeHash([Text.Encoding]::UTF8.GetBytes($hdrDate + ":" + $requestId + ":" + $uri + ":" + $appKey)) $sig = [Convert]::ToBase64String($sig) # Generate sha256 of file to upload. $fileSize = Get-Item $filename $fileSize = $fileSize.length #Create Headers $Headers = @{"Authorization" = "MC " + $accessKey + ":" + $sig; "x-mc-date" = $hdrDate; "x-mc-app-id" = $appId; "x-mc-req-id" = $requestId; "Content-Type" = "application/octet-stream"; "x-mc-arg" = "{'data': [{'sha256': '" + $FileHash.Hash + "', 'fileSize': " + $Size + "}]}"; } #> $Body = Get-Content -Encoding "Byte" -Path $Path -Raw # PowerShell 5.1. $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Authorization", "Bearer $Token") #$Headers.Add("Accept", "application/json") $Headers.Add("Content-Type", "application/octet-stream") $Headers.Add("x-mc-arg", "{'data': [{'sha256': '" + $FileHash.Hash + "', 'fileSize': " + $Size + "}]}") # In order to successfully use this endpoint the role assigned to the app must have at least the following level of application permissions granted Account | Dashboard | Read. $Uri = "$BaseUri/api/file/file-upload" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Response $Response.fail $Body = "{'data': [ { 'attachments': [ { 'filename': '$Name', 'id': '$Id', 'size': $Size } ], 'plainBody': { 'id': '53', 'content': 'Hello World' }, 'subject': 'Hello World', 'to': [ { 'displayableName': 'SMRU-IT', 'emailAddress': 'smru-it@shoklo-unit.com' } ] } ] }" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Authorization", "Bearer $Token") $Headers.Add("Accept", "application/json") $Headers.Add("Content-Type", "application/json") $Uri = "$BaseUri/api/email/send-email" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Response $Response.fail
16.5. Python
-
Log in as smru on tbhf-ops-mrm.
-
Enter the following commands at a Command Line with root privileges.
python3 # Do your thing. exit() quit()import hashlib, json, os, requests, uuid def get_token(file): with open(file, "r") as f: username = f.readline().strip() password = f.readline().strip() username = username.replace("username=", "") password = password.replace("password=", "") url = base + "/oauth/token" headers = { 'Content-Type': 'application/x-www-form-urlencoded' } payload = "client_id=" + username + "&client_secret=" + password + "&grant_type=client_credentials" response = json.loads(requests.request("POST", url, headers=headers, data=payload).text) return response['access_token'] def get_hash(file): # Incrementally generate a SHA256 hash, to support larger files. # More memory efficient than doing it in a single block. sha256 = hashlib.sha256() with open(file, "rb") as f: for block in iter(lambda: f.read(4096), b""): sha256.update(block) return sha256.hexdigest() def get_upload_url(token, hash, size): url = base + "/api/file/file-upload" headers = { "x-request-id": str(uuid.uuid4()), "Authorization": "Bearer " + token, "Accept": "application/json" } body = { "data": [ { "sha256": hash, "fileSize": size } ] } response = requests.request("POST", url, headers=headers, json=body).json() return response['data'][0]['urls'][0] def upload_file(url, file, token): headers = { "x-request-id": str(uuid.uuid4()), "Content-Type": "application/octet-stream", "Accept": "application/json", "Authorization": "Bearer " + token } with open(file, "rb") as f: response = requests.request("PUT", url, headers=headers, data=f.read()) return response.json()["id"] def send_email(recipient, subject, body, id, size, file, token): url = base + "/api/email/send-email" body = { "data": [ { "attachments": [ { "size": size, "id": id, "filename": os.path.basename(file) } ] "plainBody": { "id": "47", "content": body }, "subject": subject, "to": [ { "emailAddress": recipient, } ], } ] } headers = { "Authorization": f"Bearer {token}", "Accept": "application/json", "Content-Type": "application/json" } response = requests.post(url, headers=headers, json=body) return response.text base = "https://api.services.mimecast.com" # Get token. token = get_token("/root/.Mimecast-API.crd") # Get file hash and size. file = "/etc/hosts" hash = get_hash(file) size = str(os.path.getsize(file)) # Generate new upload URL. url = get_upload_url(token, hash, size) # Put file to given url and return id. id = upload_file(url, file, token) # Send email. recipient = "douwe@shoklo-unit.com" subject = "Test 01" body = "Hello world" send_email(recipient, subject, body, id, size, file, token)# See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition # See https://en.wikipedia.org/wiki/MIME # See https://pro2col.com/blog/automate-file-transfers-like-an-expert-with-powershell-google-cloud def execute(file, recipient, sender, subject, token, url): size = str(os.path.getsize(file)) with open(file, "rb") as f: data=f.read() code = base64.b64encode(data) content = code.decode("ascii") body = { "data": [ { "subject": subject, #"from": { "emailAddress": sender, "displayableName": "Python" }, "from": { "emailAddress": sender, "displayableName": "Relay" }, #"from": { "emailAddress": sender }, "to": [ { "emailAddress": recipient, } ], "attachments": [ { "size": size, "content": content, "contentDisposition": "attachment", "contentId": "", "contentTransferEncoding": "base64", "contentType": "image/jpeg", "extraHeaders": [ { "name": "", "value": "" } ], "filename": os.path.basename(file) } ] } ] } headers = { "Authorization": "Bearer " + token, "Accept": "application/json", "Content-Type": "application/json" } response = requests.post(url, headers=headers, json=body) return response.text # See https://www.example-code.com/powershell/mime_content_transfer_encoding.asp content = '/9j/4AAQSkZJRgABAQEASABIAAD//gAmRmlsZSB3cml0dGVuIGJ5IEFkb2JlIFBob3Rvc2hvcD8g\ NC4w/9sAQwAQCwwODAoQDg0OEhEQExgoGhgWFhgxIyUdKDozPTw5Mzg3QEhcTkBEV0U3OFBtUVdf\ YmdoZz5NcXlwZHhcZWdj/9sAQwEREhIYFRgvGhovY0I4QmNjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj\ Y2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2Nj/8IAEQgAFAAUAwERAAIRAQMRAf/EABcAAAMBAAAA\ AAAAAAAAAAAAAAIDBAX/xAAYAQADAQEAAAAAAAAAAAAAAAABAgMEAP/aAAwDAQACEAMQAAAB2kZY\ NNEijWKddfTmLgALWH//xAAbEAACAgMBAAAAAAAAAAAAAAABAgMRAAQSE//aAAgBAQABBQL0XqN+\ pM2aqJGMiqFFCyg7z//EABwRAAICAgMAAAAAAAAAAAAAAAERAAIQIQMSUf/aAAgBAwEBPwHqU5aq\ Axx+y1tMQl4elj//xAAcEQEAAQUBAQAAAAAAAAAAAAABEQACEBIhA1H/2gAIAQIBAT8B3Bhqy7Zc\ enyiwmGgDhiOzj//xAAdEAABAwUBAAAAAAAAAAAAAAABAAIREBIhIkFR/9oACAEBAAY/ArZyn+Cg\ xtxWuJaoCnqDuin/xAAcEAABBAMBAAAAAAAAAAAAAAABABEhYRAxQVH/2gAIAQEAAT8hkEwPUUR9\ DYfE4nxtRpIkBTsayuALIiuY/9oADAMBAAIAAwAAABDWPTsf/8QAGhEAAwADAQAAAAAAAAAAAAAA\ AAEREDFBIf/aAAgBAwEBPxC0DVPcWm+Ce4OesrkE6bjH/8QAGBEBAQEBAQAAAAAAAAAAAAAAAREA\ QRD/2gAIAQIBAT8QahMiOc8YgSrnTY3ELclHXn//xAAcEAEBAAIDAQEAAAAAAAAAAAABEQAhMUFx\ EFH/2gAIAQEAAT8Qn3igmSZSj+c4N4zapMy9IjFV98wncN2iuLFsCEbDGxQkI6RO/n//2Q==' import base64 code = base64.b64decode(content) newFile = open("/tmp/filename.jpg", "wb") newFile.write(code) newFile.close() file = "/tmp/Fryslan.jpg" size = str(os.path.getsize(file)) with open(file, "rb") as f: data=f.read() content = base64.b64encode(data) #content = "Somewhere" file = "/tmp/Fryslan.jpg" recipient = "douwe@shoklo-unit.com" sender = "douwe@shoklo-unit.com" sender = "powershell@shoklo-unit.com" sender = "relay@shoklo-unit.com" sender = "api-77fdda1b-2c30-46b2-818a-a807c92cb49a@shoklo-unit.com" subject= "Test 1 on 2025-01-09" token = get_token("/root/.Mimecast-API.crd") url = "https://api.services.mimecast.com/api/email/send-email" execute(file, recipient, sender, subject, token, url) #execute(code, recipient, sender, subject, token, url) # From is not in the permitted addresses (primary, alias and alternates) def send_email0(recipient, subject, body, content, size, file, token): url = base + "/api/email/send-email" body = { "data": [ { "attachments": [ { "size": size, "content": content, "filename": os.path.basename(file) } ] "plainBody": { "id": "47", "content": body }, "subject": subject, "to": [ { "emailAddress": recipient, } ], } ] } headers = { "Authorization": f"Bearer {token}", "Accept": "application/json", "Content-Type": "application/json" #"Content-Type": "application/octet-stream", } response = requests.post(url, headers=headers, json=body) return response.text base = "https://api.services.mimecast.com" # Get token. token = get_token("/root/.Mimecast-API.crd") # Get file hash and size. file = "/etc/hosts" hash = get_hash(file) size = str(os.path.getsize(file)) content = "Hello Douwe" with open(file, "rb") as f: content=f.read() # Send email. recipient = "douwe@shoklo-unit.com" subject = "Test 01" body = "Hello world" send_email0(recipient, subject, body, content, size, file, token)import base64, json, os, requests def get_token(file): with open(file, "r") as f: username = f.readline().strip() password = f.readline().strip() username = username.replace("username=", "") password = password.replace("password=", "") url = "https://api.services.mimecast.com/oauth/token" headers = { 'Content-Type': 'application/x-www-form-urlencoded' } payload = "client_id=" + username + "&client_secret=" + password + "&grant_type=client_credentials" response = json.loads(requests.request("POST", url, headers=headers, data=payload).text) return response['access_token'] def send_email(file, recipient, sender, subject, token, url): size = str(os.path.getsize(file)) with open(file, "rb") as f: data=f.read() code = base64.b64encode(data) content = code.decode("ascii") body = { "data": [ { "subject": subject, "to": [ { "emailAddress": recipient, } ], "attachments": [ { "size": size, "content": content, #"contentDisposition": "attachment", "contentDisposition": form-data; name="encoded_image"; filename="$FileName" "contentId": "", "contentTransferEncoding": "base64", "contentType": "image/jpeg", "extraHeaders": [ { "name": "", "value": "" } ], "filename": os.path.basename(file) } ] } ] } headers = { "Authorization": "Bearer " + token, "Accept": "application/json", "Content-Type": "application/json" } response = requests.post(url, headers=headers, json=body) return response.text file = "/tmp/Fryslan.jpg" recipient = "douwe@shoklo-unit.com" recipient = "customerreply@mimecast.com" recipient = "aturcotte@mimecast.com" sender = "relay@shoklo-unit.com" subject= "Test 3 on 2025-01-09" subject= "RE: Case #01356424 Created: Send email with attachment using Mimecast API" token = get_token("/root/.Mimecast-API.crd") url = "https://api.services.mimecast.com/api/email/send-email" send_email(file, recipient, sender, subject, token, url)
17. MS SQL Server Backup
-
Note: Make sure that the Allow direct access firewall rule is enabled for the computer.
-
Note: Make sure that Web Filtering | Scan FTP for malware is disabled in the Allow direct access firewall rule for that computer.
17.1. Download
Download all this data by completing the following steps. 1) Download and install Filezilla FTP client 2) Enter the following details into their relevant fields in the Quickconnect bar at the top - Host: FTPES://uk-ingftp.mimecast.com - Username: 20241017ShokloMRUdb - Password: ********************************** - Port: 21 3) Click the Quickconnect button 4) Click OK on the popup window that reports an unknown certificate, which is expected 5) Select the destination folder under local site on the left, and right-click the source folder under remote site on the right. Select download 6) Click Process Queue under the Transfer menu option Connection issues are commonly due to the FTP client not being permitted outbound access to the host. In case of issues confirm the following is configured: The firewall permits the FTP Filezilla client to connect outbound to the host on port 21 The firewall permits the FTP Filezilla client to connect outbound to the host on the full range of ports between 49100 to 49200 inclusive. The following errors may be reported in the FTP connection log. "Error: GnuTLS error -53: Error in the push function" "Error: Directory listing aborted by user" Kind regards Keshnie Pillay
-
Rename the ShokloMalariaResearchUnit.zip file to ShokloMalariaResearchUnit.bak
-
Save the file to the T:\IT\System\Mimecast folder.
17.2. Restore
-
Log on as Administrator on the SMRU-DBD-MST server.
-
Open Microsoft SQL Server Management Studio.
-
Connect to the SMRU-DBD-MST\DWD instance using the sa account.
-
Restore the database using the ShokloMalariaResearchUnit.bak file.
-
Right-click Databases and Select Restore Database.
-
Choose Device.
-
Click the Three-dots button.
-
Select the ShokloMalariaResearchUnit.bak filer.
-
Click OK.
-
Click OK.
-
Click OK.
-
Click OK.
-
-
Select the CUK92A409-ShokloMalariaResearchUnit database.
-
???
18. Raise A Case
-
Open Mimecast Administration Console.
-
Select the User Profile icon at the top right corner.
-
Select Contact Support.
-
Select Mimecast Support > Raise a Support Case.
-
Note: Our Account Code is: CUK92A409.
Area API & Integrations Case Reason Product API Support Topic Email Security Cloud Gateway Case Type Question Alternate Email smru-it@shoklo-unit.com Subject Send email with attachment using Mimecast API Description https://developer.services.mimecast.com/docs/cloudgateway/1/routes/api/email/send-email/post does not explain in detail how to send an attachment, like a binary file. For example, attachments.id, attachments.content, attachments.contentType, attachments.contentTransferEncoding are not properly explained. An example would be helpful. -
Click SUBMIT.
Case number 01356424
-
Select the User Profile icon at the top right corner.
-
Select Log out.
19. TEST
19.1. PowerShell
-
Enter the following commands at a PowerShell Command Prompt with administrative privileges.
$BaseUri = "https://api.services.mimecast.com" $Credentials = Receive-Credentials "Mimecast-API" $Username = $Credentials.GetNetworkCredential().Username $Password = $Credentials.GetNetworkCredential().Password # Get token. $Body = "client_id=$Username&client_secret=$Password&grant_type=client_credentials" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Content-Type", "application/x-www-form-urlencoded") $Method = "POST" $Uri = "$BaseUri/oauth/token" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Token = $Response.access_token $Body = "{'data': [ { 'htmlBody': { 'id': '99', 'content': 'Hello World <html' }, 'subject': 'Test A htmlBody: FAIL', 'to': [ { 'displayableName': 'Douwe Kiestra', 'emailAddress': 'douwe@shoklo-unit.com' } ] } ] }" $Body = "{'data': [ { 'plainBody': { 'id': '99', 'content': 'Hello World <html' }, 'subject': 'Test B plainBody: FAIL', 'to': [ { 'displayableName': 'Douwe Kiestra', 'emailAddress': 'douwe@shoklo-unit.com' } ] } ] }" $Body = "{'data': [ { 'plainBody': { 'id': '99', 'content': 'Hello World <htm' }, 'subject': 'Test C plainBody: PASS', 'to': [ { 'displayableName': 'Douwe Kiestra', 'emailAddress': 'douwe@shoklo-unit.com' } ] } ] }" $Headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $Headers.Add("Authorization", "Bearer $Token") $Headers.Add("Accept", "application/json") $Headers.Add("Content-Type", "application/json") $Uri = "$BaseUri/api/email/send-email" $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $Method -Uri $Uri $Response $Response.failInvoke-RestMethod : 403403 Forbidden At line:1 char:13 + $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand PS 2025-05-23 14:39:23 Administrator@TBHFWS-IT01 C:\Users\Administrator> $Response meta data fail ---- ---- ---- @{status=200} {@{messageId=<Mimecast.1ea.ec426aa9ff11e087.196fc11f6c1@uk-sl-90.uk.mimecast.lan>; messageDateHeader=Fri, 23 May 2025 08:35:57 +0100}} {}Invoke-RestMethod : 403403 Forbidden At line:1 char:13 + $Response = Invoke-RestMethod -Body $Body -Headers $Headers -Method $ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand PS 2025-05-23 14:42:09 Administrator@TBHFWS-IT01 C:\Users\Administrator> $Response meta data fail ---- ---- ---- @{status=200} {@{messageId=<Mimecast.1ea.ec426aa9ff11e087.196fc11f6c1@uk-sl-90.uk.mimecast.lan>; messageDateHeader=Fri, 23 May 2025 08:35:57 +0100}} {}meta data fail ---- ---- ---- @{status=200} {@{messageId=<Mimecast.28b.85c1e710c7543003.196fc18cd4f@uk-sl-83.uk.mimecast.lan>; messageDateHeader=Fri, 23 May 2025 08:43:26 +0100}} {}
19.2. Python
-
Log in as smru on tbhf-ops-mrm.
-
Enter the following commands at a Command Line with root privileges.
python3 # Do your thing. exit() quit()import hashlib, json, os, requests, uuid def get_token(file): with open(file, "r") as f: username = f.readline().strip() password = f.readline().strip() username = username.replace("username=", "") password = password.replace("password=", "") url = base + "/oauth/token" headers = { 'Content-Type': 'application/x-www-form-urlencoded' } payload = "client_id=" + username + "&client_secret=" + password + "&grant_type=client_credentials" response = json.loads(requests.request("POST", url, headers=headers, data=payload).text) return response['access_token'] def send_email(recipient, subject, body, id, token): url = base + "/api/email/send-email" body = { "data": [ { "htmlBody": { "id": "47", "content": body }, "subject": subject, "to": [ { "emailAddress": recipient, } ], } ] } headers = { "Authorization": f"Bearer {token}", "Accept": "application/json", "Content-Type": "application/json" } response = requests.post(url, headers=headers, json=body) return response.text def send_email2(recipient, subject, body, id, token): url = base + "/api/email/send-email" body = { "data": [ { "plainBody": { "id": "47", "content": body }, "subject": subject, "to": [ { "emailAddress": recipient, } ], } ] } headers = { "Authorization": f"Bearer {token}", "Accept": "application/json", "Content-Type": "application/json" } response = requests.post(url, headers=headers, json=body) return response.text base = "https://api.services.mimecast.com" # Get token. token = get_token("/root/.Mimecast-API.crd") # Send email. recipient = "douwe@shoklo-unit.com" subject = "Test 01" body = "Hello world <htm" send_email(recipient, subject, body, id, token) send_email2(recipient, subject, body, id, token) # Send email. recipient = "douwe@shoklo-unit.com" subject = "Test 01" body = "Hello world <html" send_email(recipient, subject, body, id, token) send_email2(recipient, subject, body, id, token)'<!doctype html><meta charset="utf-8"><meta name=viewport content="width=device-width, initial-scale=1"><title>403</title>403 Forbidden'
'<!doctype html><meta charset="utf-8"><meta name=viewport content="width=device-width, initial-scale=1"><title>403</title>403 Forbidden'
'{"meta":{"status":200},"data":[{"messageId":"\\u003cMimecast.1dd.f7f9f1440e31f4f7.196fc21a125@uk-sl-71.uk.mimecast.lan\\u003e","messageDateHeader":"Fri, 23 May 2025 08:53:04 +0100"}],"fail":[]}'