Directories - Validate Microsoft 365 Tenant Domain

This article explains why your Microsoft 365 Tenant Domain needs to be added to the Internal Domains of your Mimecast account and how you can validate ownership of this domain.
Requirements:

• Administrator access to your Microsoft 365 tenant.
• Administrator access with “Register New Domain” permissions for your Mimecast account.

To ensure that the Mimecast Message Transfer Agent (MTA) accepts your outbound communication for further processing, it needs to confirm that it indeed originates from your Microsoft tenant. It does this using the certificate that Microsoft, by default, provides together with extensions and information exchanged during the SMTP session. One piece of that information is your Microsoft 365 Tenant Domain. Therefore, this domain needs to be present on your Mimecast account. 

Locate your Microsoft 365 Tenant Domain

To locate your Microsoft 365 Tenant Domain:

1. Log in to the Microsoft Administrator Portal.
2. Navigate to Settings | Domains.
3. Review the list domain. The tenant domain often ends with .onmicrosoft.com

Register your Microsoft 365 Tenant Domain on your Mimecast account

Domains can be registered with your Mimecast account via an onboarding application or the Mimecast Administration Console. The required steps are similar for each solution:

• You need to enter the domain name.
• You will receive an entry you must publish for the domain within DNS.
• Mimecast will validate if the correct entry has been published.
• When correctly validated, Mimecast will add the domain to your Mimecast account.

Microsoft lets you publish a TXT record for your Microsoft 365 Tenant Domain. You can do this by continuing your journey on Microsoft 365:

4. Select your tenant domain
5. Navigate to the DNS records section:

6. Select Add record.
7. Enter the TXT record you obtained via the Mimecast application.

See Also...