In the area Incoming e-mails of section Signing in section Ruleset generator, activate the options Remove signature if S/MIME signature check succeeds and Remove signature if S/MIME signature check fails.

 

This is necessary because after the S/MIME signature has been checked by mimecast, the email is modified in the course of the checks to be carried out and the signature would thus be destroyed.

 

For the recipient, the keyword [signed OK] in the case of a valid signature or [signed INVALID] in the case of an invalid signature indicates that the e-mail was originally signed by S/MIME.