DomainKeys Identified Mail (DKIM) is an email authentication method that helps prevent email spoofing and spam. DKIM works by using a digital signature to verify that an email is authentic and hasn't been modified in transit. Email systems using Mimecast for email security management may run into intermittent DKIM failures for emails sent from their HappyFox accounts.
Mimecast unpacks and repacks every email for spam identification and other related activities. This sometimes breaks DKIM signatures, especially if they are body based. The unpacking and repacking of emails is not unconditional. There are options that allow it to be disabled (with the side effect that certain features become unavailable), and this is also applied automatically in some cases, but the breaking of a DKIM signature is not one of those cases.
Detailed explanation of the inbound email flow on the Mimecast-enabled customer side:
Mimecast unpacks and repacks emails as part of its security scanning process. This is a common practice for advanced email security gateways.
More information about Mimecast email security: https://community.mimecast.com/s/article/email-security-cloud-gateway-dns-authentication-overview
Email unpacking:
Mimecast receives the incoming email. It disassembles or "unpacks" the email, separating the headers, body, and attachments.
Content inspection:
Each component is scanned for malicious content, spam, and policy violations
This includes checking attachments, links, and the email body itself
Modification and repacking:
If necessary, Mimecast may modify parts of the email (e.g., neutralizing malicious links)
After inspection and any required modifications, Mimecast reassembles or "repacks" the email
Hash recalculation:
During this process, the body hash may change if any modifications were made. We believe this may be the root cause of the problem faced with emails sent from HappyFox accounts.
Delivery:
The repacked email is then delivered to the recipient's inbox.
This unpacking and repacking process could potentially explain the "body hash did not verify" errors experienced. If Mimecast is modifying the email content in any way during its security checks, it would alter the body hash.
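To see which kinds of body change produce a "body hash did not verify" result, the following added example (not HappyFox or Mimecast code) recomputes the DKIM body hash of a delivered message per RFC 6376 and compares it with the bh= tag of its DKIM-Signature header. The sample message, domains, rewritten URL and the b= value are constructed for the demonstration, and only the body hash is checked, not the signature itself.

```python
import base64, hashlib, re

def canon_body(body: bytes, mode: str) -> bytes:
    """Body canonicalization per RFC 6376 sections 3.4.3 (simple) and 3.4.4 (relaxed)."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")  # assumption: bare LF also ends a line
    if mode == "relaxed":
        # collapse whitespace runs to one space and drop whitespace at end of line
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":  # empty lines at the end of the body are ignored
        lines.pop()
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, mode: str = "relaxed", algo: str = "sha256") -> str:
    return base64.b64encode(hashlib.new(algo, canon_body(body, mode)).digest()).decode()

def check_bh(raw: bytes) -> bool:
    """True if the bh= tag of the first DKIM-Signature matches the delivered body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    head = re.sub(rb"\r\n[ \t]+", b" ", head)  # unfold continuation lines
    m = re.search(rb"(?im)^DKIM-Signature:(.*)$", head)
    if m is None:
        raise ValueError("no DKIM-Signature header")
    tags = {}
    for part in m.group(1).split(b";"):
        key, sep, val = part.partition(b"=")
        if sep:
            tags[key.strip().decode()] = re.sub(rb"\s+", b"", val).decode()
    c = tags.get("c", "simple/simple")          # header/body canonicalization
    mode = c.split("/")[1] if "/" in c else "simple"
    algo = tags["a"].rsplit("-", 1)[1]          # rsa-sha256 -> sha256
    return body_hash(body, mode, algo) == tags["bh"]

# Constructed sample: headers, signature value and URLs are made up for the demo.
BODY = b"Hello,\r\n\r\nYour ticket was updated: https://support.example/t/42\r\n"
HEADERS = (b"From: helpdesk@sender.example\r\nSubject: Ticket update\r\n"
           b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sender.example;\r\n"
           b"\ts=sel1; h=from:subject; bh=" + body_hash(BODY).encode() + b";\r\n"
           b"\tb=PLACEHOLDER\r\n\r\n")

def demo() -> dict:
    reflowed = BODY.replace(b"Hello,", b"Hello,  \t") + b"\r\n\r\n"  # whitespace only
    rewritten = BODY.replace(b"https://support.example/t/42",       # link rewritten
                             b"https://gateway.example/r?u=support.example/t/42")
    return {name: check_bh(HEADERS + b)
            for name, b in (("original", BODY), ("reflowed", reflowed), ("rewritten", rewritten))}

if __name__ == "__main__":
    print(demo())
```

With relaxed body canonicalization, whitespace-only changes made while repacking leave the hash intact, while any change to the content itself, such as a rewritten link, does not.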
To address this, the areas below can be checked:
Check Mimecast's content modification policies. Look for any aggressive spam or content filtering rules that might be triggering unnecessary modifications.
Alternate confirmation option:
Consider reaching out to Mimecast support to confirm whether this process is causing the hash verification issues.