If you want to validate emails inbound for SPF, DKIM or DMARC when sent to you from external parties you will need to configure a DNS Authentication Definition in Mimecast. The procedure is the same as creating a DNS Authentication Definition for Outbound emails but this time you will choose Inbound instead.
You will be able to choose whether to enable checks for all protocols: SPF, DKIM and DMARC or only some. You will be able to specify how to treat emails that fail any of these protocols.
Please click on the button below which will take you to the Mimecast article that explains how to achieve the above.
Please note that once you configure a Definition in Mimecast you will after that need to configure a policy that uses the Definition.
This is true for inbound and outbound definitions, they are always followed by creating a policy.