Share via

Configuring Defender to Work With Mimecast

Tedd Lipka 0 Reputation points
2023-11-23T19:59:47.8233333+00:00

Mimecast passes our email traffic to Defender. We've noticed that seemingly as a result, inbound emails fail DMARC, DKIM, and SPF tests, we believe because Mimecast is acting as sort of a man-in-the-middle. This appears to be the cause of a lot of false positives for phishing.

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,182 questions
Exchange | Exchange Server | Management

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jarvis Sun-MSFT 10,231 Reputation points Microsoft External Staff
    2023-11-24T02:51:14.35+00:00

    @Tedd Lipka ,

    Welcome to our Q&A forum!

    Based on my search results, Mimecast is an email management company that offers cloud-based email security services. It is possible that Mimecast is acting as a man-in-the-middle and causing inbound emails to fail DMARC, DKIM, and SPF tests.

    However, I would recommend that you contact Mimecast’s support team to confirm this. They can provide you with more information on how their email security services work and how they interact with other email security services like Defender. You can also ask them about the false positives for phishing that you have been experiencing. They may be able to provide you with some tips on how to reduce the number of false positives.

    If you need further assistance, please let me know.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.