Mimecast SPF & DKIM setup

Mimecast is an international company specializing in cloud-based email management.

To enable Mimecast to send authenticated mail from your domain your SPF and DKIM settings must be enabled.

1. Mimecast SPF Setup

Please note that the following SPF changes should only be applied to the Sendmarc record within Sendmarc and not the hosting provider.

Include String include:_netblocks.mimecast.com
Mimecast SPF Record v=spf1 include:_netblocks.mimecast.com -all

2. Mimecast DKIM Setup

Steps to get DKIM set up in Mimecast.

Once logged in, click the “Administration” dropdown, select “Gateway” and click “Policies”.

Now click the "Definitions" dropdown and select "DNS Authentication - Outbound".

Click “New DNS Authentication – Outbound Signing” to create a new DKIM policy.

Fill in a description and select “Sign outbound mail with DKIM”. A domain needs to be selected and so click “Lookup” next to “Domain”.

Select your domain by clicking “Select” in front of your chosen domain.

Select either “1024 bits” or “2048 bits” as your DKIM Key Length. We recommend choosing “2048 bits” for more secure encryption.

Do not change the “Selector”. Click “Generate”.

our new DKIM key has been generated successfully.

Once generated, you can add your DKIM key under domains in Sendmarc.

Under “Policies” select “DNS Authentication – Outbound”.

Add a new Policy for Outbound Signing and use the following values:

Policy Narrative: DKIM Outbound
Select Option: DKIM
Addresses Based On: Both
Applies From:  Email Domain
Specifically [YOURDOMAIN.CO.ZA]
Applies To Everyone
Enable / Disable Enable
Set priority as perpetual: Always On

Go back into Mimecast and click “Check DNS” to verify that your DNS has been added to your hosting environment successfully.