This guide details the steps involved in configuring journaling for Exchange 2013 and the requirements and steps to make it work within the Mimecast ecosystem.

Create a Journal Definition In Mimecast

The first step in configuring Journaling is to create a Journal Definition within the Administration Console.To accomplish this, do the following:

1. Sign into the Mimecast Administration Console.
2. Navigate to Administration | Services | Journaling:
   
   
3. Click on the New Journal Service Definition button:
   
   
4. Under Journal Service Properties in the Description field, enter a relevant name for the definition:
   
   
5. In Transport Type pull-down, select SMTP:
   
   
6. Under Connection Properties enter a Service Email Address using the following format:  journaling@journal.domain.com (where domain.com is the primary SMTP domain):
   
   You'll be using the Service Email Address throughout the rest of the Journal configuration process.
   
7. In the Additional Source IP Ranges field, provide the IP Addresses from which Mimecast will receive Journaled messages. Theses are typically the external IPs of the Transport Service in the environment:
   
   Authorized Outbound IP addresses are automatically allowed, therefore this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges.
   
   
   This field is expecting the IP Address with a CIDR mask, so ranges can be added in a single line. The proper syntax for a single address is /32.
   Other configurable values on the page are:
   
   

   Field	Description
   Disabled	Allows journal services to be taken offline without removing the Journal Service Definition.  Using the disabled option will result in the journal service being suspended, and any error conditions related to the connection will be reset.  This is useful if a journal mailbox is going to be offline for an extended period of time. When the journal mailbox is once again available, be sure to enable activity before removing the check. Any changes made to this checkbox are recorded in the event log.
   Use SMTP Authentication	Can be enabled for enhanced security features. Once checked, this produces an additional field where a password should be entered. This password, along with the journal email address will be used as the SMTP-AUTH credentials. In order to make use of the authentication option, an SMTP Send Connector is required on the Exchange server for SMTPJournaling.
   Initial Process Delay	Advanced configuration options that should be left as the default values (default = 0), unless working on a Journaling issue with Mimecast Support.  Determines the time to wait before attempting to match a message to the archive
   Delivery Wait Attempts	Advanced configuration options that should be left as the default values (default = 3), unless working on a Journaling issue with Mimecast Support. Determines the number of tries the system attempts to match a message before it is archived
   Period of Inactivity Allowed	Defines how long the SMTP connector is allowed to be inactive without receiving any messages, before it is reported as being "down" (default = 180 minutes). Consider the setting carefully according to your Exchange Server environment. For example, if you operate in an environment with low email volumes, the connector is likely to handle a small Exchange database.  Therefore, you can set this value to a much higher value than the default to cater for quiet periods (e.g. overnight) and/or smaller email databases
   Journal Type	Specify the Journal type as either Exchange Envelope Journaling (EEJ) or Standard EML Mimecast supports Journaling of emails (EML) in standard MIME format (without the EEJ wrapper), and emails journaled in EEJ format.  Standard emails (EML) files can only be assigned to mailboxes based on the message headers (which may not be reliable, and does not include BCC recipients).  Exchange Envelope Journal emails are the preferred option in terms of accuracy when determining the recipients for an email.   An additional feature of the Exchange Envelope Journaling service is that it “steps down” to handle incorrectly enveloped messages in an EEJ mailbox.  On occasions, journal mailboxes may receive non-envelope journaled emails. These messages would normally cause the journal service to fail. Mimecast auto-detects these malformed messages and absorbs them as normal emails, even though the journal mailbox is set to EEJ.
   Encrypted	This checkbox is selected by default, but is not required. If checked, Mimecast will only accept Journal messages over TLS. Journal messages not sent over TLS will be rejected.
   Prefer Clear Text Version	Enable this option for Active Directory Rights Management Services protected journal items.
   Journal Non Internal Addresses	When enabled, items processed by the Journal Connector that do not hold any internal addresses will be archived.
   Journal Unknown Internal Addresses	When enabled, items processed by the Journal Connector that are sent from or sent to unknown internal addresses will be archived.

8. Once completed, click Save and Exit:
   
   

This concludes the steps involved in creating a Journal Definition in Mimecast.

Create a Journal Sub Domain in Mimecast

To accomplish this, do the following:

1. Navigate to Administration | Directories | Internal Directories.
2. Click the Register New Domain button from the top of the page. This displays a 3 stage wizard process:
   
   
3. Review the information displayed, then type the name of the new Domain in the appropriate field:
   
   
4. Click the Get Verification Code button to continue:
   
   
5. You'll notice that step 2 is skipped because your parent domain already exists:
   
   

This concludes the steps involved in creating the Journal Sub Domain in Mimecast.

If you'd need to edit the sub domain, please see Email Domains.

Configure an External Contact in Exchange 2013

The next step is to create an External SMTP Contact using the following format: journaling@journal.domain.com

To accomplish this, do the following from within your Exchange 2013 environment:

1. In the Exchange Admin Center (EAC), navigate to Recipients, and then select Mail Contact:
   
   
   
   
   
2. Click on the + icon followed by Mail Contact.
   This displays the New Mail Contact popup window.
3. Complete the Contact Information popup fields similar to below:
   
   
   By default under Organizational Unit (OU), the path to the Users container is displayed.
   To modify this field, click Browse, and then select the required OU.
   
   
4. To complete the configuration, click the Save button.

This concludes the steps involved in creating an External Contact in Exchange 2013.

Configure Exchange 2013 Send Connector

The next step in this process is to configure the Exchange 2013 Send Connector from within the 2013 Exchange environment. This will enable archiving internal and external emails to the External SMTP contact created above.

To accomplish this, do the following from the Exchange 2013 environment:

1. Open the Exchange 2013 Administration Center.
2. Navigate to Mail Flow | Connectors:
   
   
3. Click on the + icon to create a new Send Connector.
4. Enter a Name for the connector, for example: Journal Send Connector to Mimecast. For Type, select Custom. When completed click Next:
   
   
5. Under Network Settings select: Route mail through smart hosts radial button. When completed, click the + icon to add a smart host:
   
   
   
   
6. Depending on your geographical location, use the table below to enter the Primary and Secondary Smart Hosts. When entering the Smart hosts, click Save when completed:
   
   
   
   

   Region	Hostname
   North America	us-smtp-journal-1.mimecast.com us-smtp-journal-2.mimecast.com
   Europe and Australia	eu-smtp-journal-1.mimecast.com eu-smtp-journal-2.mimecast.com
   South Africa	za-smtp-journal-1.mimecast.co.za za-smtp-journal-2.mimecast.co.za
   Australia	au-smtp-journal-1.mimecast.com au-smtp-journal-2.mimecast.com
   Off Shore	je-smtp-journal-1.mimecast-offshore.com je-smtp-journal-2.mimecast-offshore.com

7. When both Primary and Secondary Smart Hosts have been entered, click Next:
   
   
   
   
8. Under Smart Host Authentication, select the None radio button, then click Next:
   
   
   
   
9. Specify the Address space for which the connector should route mail by clicking click the + icon to add a domain:
   
   
10. Enter the following information and when completed click Save:
    
    
    • *Type: SMTP
    • *Full Qualified DOmain Name (FQDN): journal.domain.com
      Where journal.domain.com is the journal sub domain created in the Create a Journal Sub Domain in Mimecast section of this document.
    • *Cost: 1
      
11. Click Next:
    
    
    
    
12. Click the + icon:
    
    
    
    
13. Select the transport server(s) that will associate with this connector. Click Add when the server(s) are selected and then click OK:
    
    If running an environment with Edge Transport Servers, you'll need to push the Send Connector to Edge Transport Servers. Check the Microsoft website for instructions on how to accomplish this.
    
    
    
14. When the servers have been added, click Finish:
    
    

This concludes the steps involved in creating a Send Connector in Exchange 2013.

Enable Exchange 2013 Premium Journaling

You're almost there. Lastly you'll need to enable Journaling from the Exchange 2013 environment.

To accomplish this, do the following from within Exchange 2013:

1. Navigate to Compliance Management | Journal Rules:
   
   
   
   
2. Click the + icon to create a new Journal Rule:
   
   
   
3. Enter the following information the fields show:
   1. In the Send journal reports to: field: e.g. journaling@journal.domain.com
   2. Provide a name for the new journal rule in the Name: field: e.g. Mimecast Journaling
   3. Set the If the message is sent to or received from... option to [Apply to all messages]
   4. Set the Journal the following messages... option to All messages
   5. Click Save to finish
      
      
4. The page should look similar to below:
   
   
   

This concludes the configuration process.

Verify Exchange 2013 Journaling

Now that all the Journaling configuration is complete. It's time to verify that the connections are working.

To accomplish this, do the following from the Mimecast Administration Console:

1. Log into the Mimecast Administration Console.
2. Navigate to Administration | Services | Journaling:
   
   
3. Note the Service Status of the Journaling connector:
   
   
   
   

   Icon	Service Status	Description
   	Service Awaiting Initial Run	On initial configuration, the status icons for SMTP journal connectors will be orange, with a service status of Service Awaiting Initial Run
   	Service OK	Once the first message is received by the connector, the icon will change, and the status updated to Service Enabled
   	Service Error	If Mimecast cannot connect to the Journal connector and retrieve emails, the status will change to Service Error

   If the connector configuration is not successful, please see the Troubleshooting Journaling article.
4. View the current list of Journaling items by clicking the Queue Details button:
   
   
   
   For Exchange Envelope Journal Format (EJF), the actual recipient is displayed as the sender and the journal address as the recipient.

Now that journaling has been configured and working for Exchange 2013, you can move on to step 5 in the connect process; Connect