Whitelisting in Mimecast for CyberLearn

Updated: 22 Sep 2025

To ensure CyberLearn emails (training, phishing simulations, and any plugin notifications) are delivered and that click/open tracking works correctly, you should allow-list CyberLearn in your Mimecast environment. Follow the steps below.

What to allow-list

Allow the following – preferably as wildcards where possible, within the relevant Mimecast policies:

Domains (portal, API, CDN)

• *.cyber-detector.com
• *.app-cyberlearn.com
• *.veriffy-center.com
• *.user-messagee.com
• *.access-portall.com
• *.delivery-statuss.com
• *.document-serviice.com
• app-cyberlearn.com
• api.app-cyberlearn.com

Tracking / analytics (click & open statistics)

• go.cyber-detector.com (our CNAME for tracking)
• t.mailjet.com (underlying tracking domain behind the CNAME)

IP addresses

• Allow the CyberLearn sending IPs you have received from us (enter them as CIDR ranges).
  Note: Always use the IPs we’ve provided specifically for your tenant, as they may change over time.

---

Configuration in Mimecast

1) “Permitted Senders Policy”

Purpose: Ensure CyberLearn emails are delivered to the Inbox.

1. Sign in to the Mimecast Administration Console.
2. Go to Gateway → Policies.
3. Locate Permitted Senders Policy and open it, or choose New Policy to create a new one.
4. Policy Narrative: e.g., “CyberLearn – Permitted Senders.”
5. Permitted Sender Policy: choose Permit Sender.
6. Emails From: select All (or restrict to our sender domains if preferred).
7. Emails To: select All (or scope to your domains/target groups).
8. Check Policy Override.
9. Source IP Ranges: add the CyberLearn IPs (CIDR notation).
10. Save and Apply.

Tip: If you already have a general “Permitted Senders” policy, simply add the CyberLearn IPs under Validity / Source IP Ranges.

---

2) Bypassing security layers for simulations

Purpose: Prevent simulated phishing emails and tracking links from being rewritten or blocked.

Create/adjust the following policies under Gateway → Policies (use the same scoping as above and enable Policy Override):

• Anti-Spoofing Bypass Policy
  Allow CyberLearn mail to avoid spoofing false positives during simulations.
• Attachment Protection Bypass Policy (if you see training attachments being blocked)
• URL Protection Bypass Policy
  Ensure links are not rewritten and that go.cyber-detector.com and t.mailjet.com are excluded so click tracking works.
• Impersonation Protection Bypass Policy
  Reduce false positives when simulations emulate “realistic” senders for training purposes.
• Attachment Management Bypass Policy (if you use this feature and see unwanted quarantine of training files)

---

Additional recommendations

• SPF/DKIM/DMARC: Make sure your mail domains are correctly configured. CyberLearn/our sending partner signs and sends properly, but stricter local policies may require explicit exceptions on your side.
• Test flow:
  1. Send a test to a small group.
  2. Confirm delivery to Inbox (not Junk/Quarantine).
  3. Verify that links are not rewritten and that opens/clicks are recorded in CyberLearn.
• Logging & troubleshooting: Use Mimecast logs to verify which policy matched if anything is blocked.