2 minutes reading time (450 words)

Configure DKIM signing in Mimecast using a DNS Authentication Outbound policy

Guides

Tuesday, 31 January 2023

5505 Hits

How to set up DKIM in Mimecast (with Office 365). Create a DNS Authentication Outbound Definition and Policy. Add DNS record for DKIM selector and verify DKIM.

1. Setting up DKIM with Mimecast and Office 365
2. Create DNS Authentication - Outbound Definition
3. Create DKIM Selector DNS record
4. Create DNS Authentication - Outbound Policy

1. Setting up DKIM with Mimecast and Office 365

If you are using Mimecast with Office 365, you only need to configure DKIM in Mimecast, it doesn't need to be configured in Office 365 as well.

All outbound emails will be DKIM signed and sent through Mimecast.

2. Create DNS Authentication - Outbound Definition

Administration - Gateway - Policies
DNS Authentication - Outbound - Definitions

New DNS Authentication - Outbound Signing

Description: DNS Authentication Definition yourdomain
Tick: Sign outbound mail with DKIM
DKIM Key Length: 1024 bits
Domain: click lookup and select your domain
Selector: mimecast

Click Generate

Click OK

Copy the DNS Address and DKIM Public Key

3. Create DKIM Selector DNS record

Create a DNS TXT record for the DKIM selector and public key with your DNS provider

Example DKIM DNS Record

Wait for the DNS changes to propagate. This could take 20-30mins depending on your DNS provider.

Once the DNS changes have updated, click Check DNS, then Save and Exit

Not sure if the DKIM DNS records have updated yet?
Take a look at this guide on how to check DKIM DNS records and verify DKIM message header signing

Check DKIM using nslookup, MX Toolbox and email message headers
https://techlabs.blog/categories/how-to-guides/check-dkim-using-nslookup-mx-toolbox-and-email-message-headers