Once the contract formalities are completed, you are sent a unique link to an online Request For Information (RFI) form. You must complete this form, as it provides important information about your environment required by us before creating your Mimecast account. The exact information we need depends on the type of Mimecast account, but can include information regarding:
Once the RFI has been completed and submitted, the Connect Team can start to create your Mimecast account. Your Technical Point of Contact is prompted periodically to complete the form, if they haven't.
You must specify the contact details of a Technical Point of Contact, and an emergency contact. These details are added to our contacts database, and used to contact you when a Mimecast event occurs that requires your attention. These contacts are also able to log support cases and request system changes. The email address of the Technical Point of Contact is also used to create the first Mimecast Administrator account.
It is vital Mimecast Support is informed immediately when the details for one of these contacts changes.
IP Addresses and Domains
Mimecast uses the IP address and domain information for your environment to deliver inbound emails or accept outbound emails. The form contains the following fields:
|Outbound IP Addresses|
List the IP addresses that Mimecast will accept outbound emails from (i.e. the internet facing IP addresses of your email server). Hosted Exchange (HEX) providers will be able to supply a list of the required IP addresses.
|Inbound IP Addresses|
List the IP addresses that Mimecast will deliver inbound emails to (i.e. the internet facing IP addresses of your email server). Hosted Exchange (HEX) providers will be able to supply a list of the required IP addresses.
|Inbound Smart Host||List your inbound smarthost details, if it is using a dynamic IP address. Most hosting providers (e.g. Office 365, Google Apps) provide an inbound smarthost rather than an inbound IP address.|
|Email Domain Names||List all the domain names that you control for which Mimecast needs to handle email (e.g. <domain>.com, <domain>.co.uk, <domain>.co.za, <domain>.za.net).|
|Third Party Senders||List all other IP addresses that deliver emails using your domain name (e.g. third-party bulk email service). The specified IP addresses are added to the default anti-spoofing bypass policy.|
Recipient Validation Method
When emails are received by Mimecast from addresses that are not listed in the internal domains you've specified, a number of security checks are performed to ensure they are safe to receive. One of these checks is validation of the destination email address for the internal user's mailbox.
You can configure a different verification method for each individual domain name.
Several recipient validation options are available for this as described below.
|Active Directory Synchronization|
This preferred method of validation relies on the configuration of a Directory connection. Using LDAP / LDAPS, Mimecast synchronizes with the network controller automatically, and inbound email recipient addresses are compared to this list. If the recipient is not present on the Directory, the email is rejected.
Azure Active Directory is the perferred validation method on Office 365 Exchanges.
|SMTP Call Forward Verification||Mimecast is configured to keep the connection string open for the incoming email, while simultaneously connecting to the destination email server to verify the recipient mailbox status.|
|Manual User List Upload||User email addresses are controlled in Mimecast manually or via spreadsheet import. This option is useful for customers that do not manage a network controller, or want to manage email mailboxes in Mimecast that are not present on the network controller.|
|Not Yet Determined||Placeholder for future validation options.|
By default, Mimecast only allows outbound email from the internal domains you have provided. This allows us to ensure only messages originating from your authorized IP addresses are sent. If you forward messages received from your authorized IP addresses to another external domain, they may be blocked by Mimecast in order to avoid unwanted relay services. To avoid this, it is important you list all external addresses that the email server forwards messages.