|Table of Contents|
1. Mimecast SPF Setup
Please note that the following SPF changes should only be applied to the Sendmarc record within Sendmarc and not the hosting provider.
|Include String External Mail (Optional)||include: za._extnetblocks.mimecast.com|
|Mimecast SPF Record||v=spf1 include:_netblocks.mimecast.com -all|
2. Mimecast DKIM Setup
Steps to get DKIM set up in Mimecast.
Once logged in, click the “Administration” dropdown, select “Gateway” and click “Policies”.
Now click the "Definitions" dropdown and select "DNS Authentication - Outbound".
Click “New DNS Authentication – Outbound Signing” to create a new DKIM policy.
Fill in a description and select “Sign outbound mail with DKIM”. A domain needs to be selected and so click “Lookup” next to “Domain”.
Select your domain by clicking “Select” in front of your chosen domain.
Select either “1024 bits” or “2048 bits” as your DKIM Key Length. We recommend choosing “2048 bits” for more secure encryption.
Do not change the “Selector”. Click “Generate”.
Your new DKIM key has been generated successfully.
Once generated, you can add your DKIM key under domains in Sendmarc.
Under “Policies” select “DNS Authentication – Outbound”.
Add a new Policy for Outbound Signing and use the following values:
|Policy Narrative:||DKIM Outbound|
|Addresses Based On:||Both|
|Applies From: ||Email Domain|
|Applies To: ||External Addresses|
|Specifically: ||Applies to all External Recipients|
|Enable / Disable: ||Enable|
|Set priority as perpetual:||Always On|
Go back into Mimecast and click “Check DNS” to verify that your DNS has been added to your hosting environment successfully.