Mimecast recommends a DKIM record to sign your outbound emails digitally so that they don't get tampered with or accessed by threat actors in the process of being transferred. It is an essential step to ensure your email's security.

Mimecast requires special configuration actions outside of Authenticate. Please follow these steps to complete configuration for Mimecast, and then return to your automation-guided task list in Authenticate.

Authorizing Mimecast in Authenticate

1. Make sure you have added Mimecast as an Approved Sender in Authenticate for the domain you are configuring it for.

Note: If Mimecast has not been approved, please do so now by following the steps below.

a. From the Senders section, click on + ADD SENDER FOR [your domain]

b. Choose Mimecast from the Service Name drop-down, and click ADD.

2. Enable DKIM signing for your custom domain. The next steps outlined below, will help you Enable DKIM on your domain in the Mimecast platform.

Steps to get DKIM set up in Mimecast

• Setup a definition.

1. Once logged in, click the Administration dropdown, select Gateway and click Policies.

2. Click the Definitions dropdown and select DNS Authentication - Outbound.

3. Click New DNS Authentication – Outbound Signing to create a new DKIM policy.

4. Fill in a description and select Sign outbound mail with DKIM. A domain needs to be selected and so click Lookup next to Domain.

5. Select your domain by clicking Select in front of your chosen domain.

6. Select either 1024 bits or 2048 bits as your DKIM Key Length. We recommend choosing 2048 bits for more secure encryption.

Note: Do not change the “Selector”. Click Generate.

7. Your new DKIM key has been generated successfully.

8. Publish the Mimecast DKIM key in Authenticate as shown below:

a. Click on Mimecast in Authenticate and then click ADD DKIM KEY

b. Fill in the DKIM key details like the selector and the public key value and then click on ADD:

• Setup a policy

9. Once done with your outbound signing definition, next you need to create your outbound policy.

    Under Policies select DNS Authentication – Outbound.

10. Add a new Policy for Outbound Signing and use the following values:

11. Go back into Mimecast and click Check DNS to verify that the Mimecast DKIM key was properly published in Authenticate

12. After the validation of the DKIM key was done successfully in Mimecast, you can now send DKIM authenticated email for your domain using Mimecast.