![apxium-logo.png]](https://support.apxium.com/hs-fs/hubfs/Logos/apxium-logo.png?width=144&height=50&name=apxium-logo.png){kind=logo}
Set Up Instructions - Mimecast
If you are using Mimecast, it may not allow any emails that come from the 'billing@cbdaccounting.com' domain. All the Apxium emails are sent from 'billing@cbdaccounting.com'.
The Mimecast Anti-spoofing policy states, if the email isn’t sent from a Mimecast IP then you are spoofing. The only way around that is to create a bypass to your policy.
Apxium does not use a static (dedicated) IP since we use Amazon Web for our emails and they do not use a static IP. Therefore the bypass policy cannot be based on this.
An alternate solution is to only bypass if the email is from a specific sender 'billing@cbdaccounting.com' to specific recipients. You could create a group and add users individually if you wish. The ideal rule is to allow email from that email address if it is DKIM-signed.
The ideal way for you to do it is for Mimecast to use DKIM singing for the anti-spoofing check, but if not it can also be set up to check SPF records as described here:
https://mimecastsupport.zendesk.com/hc/en-us/articles/34000752076563-Policies-Anti-Spoofing-SPF-Bypass#h_01JAFSDM0951NPV896YNJMZB55 in which case if that specific email address allowed e-mail that match the SPF record of amazonses.com or spf.apxium.com then that should work.
If you intend for our system to send emails to some of your staff, then this needs to be addressed. Many of our firms use their emails in the system to get notifications for instance when a client has no email address etc. We also recommend enabling the Custom Mail From Domain feature under Admin > Email Setup in your sandbox. This will generate two additional DNS records and allow your mail provider to send emails fully on behalf of your domain, improving both deliverability and alignment.
Related Articles - > Setting Up Your DNS Records