Mimecast is an international company specializing in cloud-based email management.


To enable Mimecast to send authenticated mail from your domain your SPF and DKIM settings must be enabled.


Table of Contents
  1. Mimecast SPF Setup
  2. Mimecast DKIM Setup


1. Mimecast SPF Setup


Please note that the following SPF changes should only be applied to the Sendmarc record within Sendmarc and not the hosting provider.


Include String
include:_netblocks.mimecast.com
Include String External Mail (Optional)
include: za._extnetblocks.mimecast.com
Mimecast SPF Record
v=spf1 include:_netblocks.mimecast.com -all



2. Mimecast DKIM Setup


Steps to get DKIM set up in Mimecast.


Once logged in, click the “Administration” dropdown, select “Gateway” and click “Policies”.



Now click the "Definitions" dropdown and select "DNS Authentication - Outbound".


Click “New DNS Authentication – Outbound Signing” to create a new DKIM policy.



Fill in a description and select “Sign outbound mail with DKIM”. A domain needs to be selected and so click “Lookup” next to “Domain”.



Select your domain by clicking “Select” in front of your chosen domain.



Select either “1024 bits” or “2048 bits” as your DKIM Key Length. We recommend choosing “2048 bits” for more secure encryption.


Do not change the “Selector”. Click “Generate”.



Your new DKIM key has been generated successfully.



Once generated, you can add your DKIM key under domains in Sendmarc.


Under “Policies” select “DNS Authentication – Outbound”.



Add a new Policy for Outbound Signing and use the following values:


Policy Narrative:
DKIM Outbound
Select Option:
DKIM


Addresses Based On:
Both
Applies From: 
Email Domain
Specifically
[YOURDOMAIN.CO.ZA]


Applies To
External Addresses
Specifically
Applies to all External Recipients


Enable / Disable
Enable
Set priority as perpetual:
Always On



Go back into Mimecast and click “Check DNS” to verify that your DNS has been added to your hosting environment successfully.