Technology, Infrastructure and Cloud Focused.

Father of 3 lovely children, geek, infrastructure expert, technical architect and all round technologist.


So in this series I wanted to document my journey and experience with setting up (or migrating) a Mimecast Unified Messaging Platform.  Part 1 gave an introduction into what Mimecast offered, the benefits of their cloud solution and the superb service you get guiding you though this process.

Although this guide deals with the configuration and interaction with Office 365 (where our hosted Exchange environment is located) the process is similar to an Enterprise wide deployment.  A useful tip here could be to setup a test Domain, add this to your existing email environment and just test the process on this test domain for a reduced risk migration.

I am wrapping up 2 stages within the Mimecast process here (Stage 2 – Account configuration and Stage 3 – Outbound Routing), but the summary of this is below:

Step 1 (Admin users):

Mimecast Login Pahe

Mimecast Login Screen

After you receive your “Super Administrator” (this is the account that has full access to every feature within the Mimecast Admin console) details from Mimecast it is recommended to first setup a series of users with the access you require. 

  1. Log into your Mimecast portal and first review the default roles.
  2. Next Click on the “Roles” tab to display the built-in roles.
  3. Roles are predefined permission levels that Mimecast has provisioned – you can create your own but for this example we have setup another Super Admin.
  4. To select a role just click on that with the mouse, here you select the “Add user to role” function and select your required user.

    Mimecast Default Roles

    Mimecast Roles

  5. If the user is not listed you may need to manually add the user to your console – Directories – Internal – Click Domain Name and select “New Address”.
  6. Test you can login within the newly created account.
  7. Next have a play with setting up with a dummy or test user account and move them into the different roles.  Later on down the line we will be looking at giving our Service Desk login rights to track messages etc..

Step 2 (Configure Routing):

Next comes the interesting phase, here we are going to ensure that all our emails leaving our organisation are routed into the Mimecast cloud.  In our example our message flow is detailed below (sorry did not have the time to do this in Visio so used my friend – Cacoo):

Check our mimecast network diagram

Office 365 and Mimecast diagram

Last year we decided to move our Exchange 2007 servers over to Office 365 instead of carrying out an upgraded.  We only have around 10 users so this makes perfect since, therefore these steps are designed for Office 365 environments, although similar if you host on-premise (just remove and adapt where needed):

  1. Ensure ALL your domains are registered with Mimecast before proceeding, if you have any issues then please contact Mimecast Support.
  2. Add the Mimecast MX records into your DNS zone at the highest priority (i.e. if you records are currently set to a preference of 10, then select the Mimecast preference to 100) – this will allow time for the records propagate and then help in the next few steps.
  3. If you use SPF records then ensure the following is setup (of course these may change so check with Mimecast support, however these are correct as of this post):  v=spf1 ip4: ip4: ip4: ip4: ip4: ip4: ip4: ~all
  4. Configure an Outbound connector in conjunction with the Mimecast KB article –
  5. Notify Mimecast for them to monitor the outbound emails – these are used for Mimecast to configure a “TO” whitelist.
  6. Thats it….!!! – See so simple…
  7. I would recommend keeping this in place for 2 weeks.
Stay tuned for part 3.


Mimecast release Mimecast Services for Outlook MSO v4 beta

As you know I am working on a blog series to document an implementation of the top class unified cloud messaging services, part 1 is here.  Looking over a training session today I discovered the next release of MSO (Mimecast Services for Outlook) this is the client side agent that seamlessly intergrates into Outlook to provide and extend the functionality of the service.

Over 10 months ago I posted a feature here to request a feature where the end users can select to encrypt the email message.  WELL what can I say but THANK YOU and as always Mimecast exceed this by adding 5 options:-

mimecast secure

  • Default Route – This is the default value, and results in emails being delivered as configured in the Administration Console
  • Best Route – Uses TLS encryption (if available), otherwise will deliver the message via Closed Circuit Messaging (CCM).
  • Encryption Not Required – Will attempt to deliver using TLS, but is not available will deliver the message via clear-text SMTP
  • Encrypt Connection – Enforces TLS encryption from the Mimecast servers to all recipient servers. If a given recipient server cannot perform TLS, then the message is not delivered, and the sender is notified.
  • Closed-Circuit Message – The email is held on the Mimecast platform, and a notification message is sent to external recipients informing them an email is available in the Mimecast portal. Recipients are then required to log into the Mimecast portal to read their messages. This prevents any sensitive emails from traversing the Internet.

To cover my other favourites are:

  • Stationary picker.
  • Document conversion.

Now to check out the additional excellent functionality please see the Mimecast Knowledge Base:-

Well done Mimecast.