Mimecast

How to set up DMARC for Mimecast in Valimail

Updated over a week ago
SPF(supported)
DKIM(recommended)

Mimecast is an international company specializing in cloud-based email management.

This article covers the SPF and DKIM authentication processes for Mimecast and how to manage this configuration in Valimail. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.

In order to setup DKIM for Mimecast, you will have to Setup an Outbound Signing Definition and Setup an Outbound Policy to apply DKIM to your outbound emails.

Setup an Outbound Signing Definition

1. Once logged in, click the Administration dropdown, select Gateway and click Policies.

a screenshot of a computer

2. Click the Definitions dropdown and select DNS Authentication - Outbound.

a screenshot of a computer

3. Click β€œNew DNS Authentication – Outbound Signing” to create a new DKIM policy.

a screenshot of a browser window

4. Fill in a description and select Sign outbound mail with DKIM. A domain needs to be selected and so click Lookup next to Domain.

a screenshot of a browser

5. Select your domain by clicking Select in front of your chosen domain.

a screenshot of a computer

6. Select either 1024 bits or 2048 bits as your DKIM Key Length. We recommend choosing 2048 bits for more secure encryption.

Do not change the Selector. Click Generate.

a screenshot of a browser

7. Your new DKIM key has been generated successfully.

a screenshot of a computer

8. The newly created DKIM key will need to be published in Valimail Enforce.

Add a Mimecast DKIM key in Valimail

You can find more detailed information on how to add a DKIM key in Valimail, here:

Setup an Outbound policy

1. Once done with your outbound signing definition, next you need to create your outbound policy.

Under Policies select DNS Authentication – Outbound.

a screenshot of a computer

2. Add a new Policy for Outbound Signing and use the following values:

a screenshot of a computer

3. Go back into Mimecast and click Check DNS to verify that the Mimecast DKIM key was properly published in Valimail.

a screenshot of a browser

4. After the validation of the DKIM key was done successfully in Mimecast, you can now send DKIM authenticated email for your domain using Mimecast.

Configuring SPF authentication for your Mimecast emails

Once you establish that Hushmail is an authorized sender for your domain, you will need to add the service in your Enabled Senders.

You will find more detailed information on how to add a service for your domain in Valimail, here:

Note: We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.

Enable SPF alignment in Mimecast for your domain

You may notice that Mimecast emails are not authenticated via SPF, even after you have added Mimecast to your domain's configuration. This is likely caused by Mimecast not sending SPF aligned-mail and can be corrected by making sure SPF alignment is turn on in Mimecast for your domain.

You can find more information on how to set up SPF and SPF alignment for Mimecast here.

Did this answer your question?