Exchange 2013 Standard Journaling

Document created by user.oxriBaJeN4 Employee on Sep 14, 2015Last modified by user.oxriBaJeN4 Employee on Mar 27, 2017
Version 6Show Document
  • View in full screen mode

This guide details the steps involved in configuring standard SMTP Journaling for Exchange 2013 and the requirements and steps to make it work within the Mimecast ecosystem.

If your Mimecast subscription includes the Journaling feature, and your service was provisioned after the 26th March 2015 you will find a Journal Connector has already been created for you, including an internal journal domain and journal address.

  • The Journal Domain is automatically created as journal.domain.com, where domain.com is the domain your organization provided as your primary mail domain.
  • The Journal Contact is automatically created as journaling@journal.domain.com.

 

Use this address as the mail attribute for the external contact you create in Exchange to send journal messages to.

If your Mimecast service was provisioned before this date, or you want to add an additional journal connector you will need to manually add a journal domain, journal address, and journal connector as detailed below.

Create a Journal Definition In Mimecast

 

The first step in configuring Journaling is to create a Journal Definition within the Administration Console.To accomplish this, do the following:

  1. Sign into the Mimecast Administration Console.
  2. Navigate to Administration | Services | Journaling:
  3. Click on the New Journal Service Definition button:

    journalDef2.png
  4. Under Journal Service Properties in the Description field, enter a relevant name for the definition:

    journalDef3.png
  5. In Transport Type pull-down, select SMTP:

    journalDef4.png
  6. Under Connection Properties enter a Service Email Address using the following format:  journaling@journal.domain.com (where domain.com is the primary SMTP domain):
    You'll be using the Service Email Address throughout the rest of the Journal configuration process.
    journalDef5.png
  7. In the Additional Source IP Ranges field, provide the IP Addresses from which Mimecast will receive Journaled messages. Theses are typically the external IPs of the Transport Service in the environment:
    Authorized Outbound IP addresses are automatically allowed, therefore this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges.
    journalDef6.png
    This field is expecting the IP Address with a CIDR mask, so ranges can be added in a single line. The proper syntax for a single address is /32.
    Other configurable values on the page are:

    FieldDescription
    DisabledAllows journal services to be taken offline without removing the Journal Service Definition.  Using the disabled option will result in the journal service being suspended, and any error conditions related to the connection will be reset.  This is useful if a journal mailbox is going to be offline for an extended period of time. When the journal mailbox is once again available, be sure to enable activity before removing the check.
    Any changes made to this checkbox are recorded in the event log.
    Use SMTP Authentication

    Can be enabled for enhanced security features. Once checked, this produces an additional field where a password should be entered. This password, along with the journal email address will be used as the SMTP-AUTH credentials.

    In order to make use of the authentication option, an SMTP Send Connector is required on the Exchange server for SMTPJournaling.

    Initial Process DelayAdvanced configuration options that should be left as the default values (default = 0), unless working on a Journaling issue with Mimecast Support.  Determines the time to wait before attempting to match a message to the archive
    Delivery Wait AttemptsAdvanced configuration options that should be left as the default values (default = 3), unless working on a Journaling issue with Mimecast Support. Determines the number of tries the system attempts to match a message before it is archived
    Period of Inactivity AllowedDefines how long the SMTP connector is allowed to be inactive without receiving any messages, before it is reported as being "down" (default = 180 minutes). Consider the setting carefully according to your Exchange Server environment. For example, if you operate in an environment with low email volumes, the connector is likely to handle a small Exchange database.  Therefore, you can set this value to a much higher value than the default to cater for quiet periods (e.g. overnight) and/or smaller email databases
    Journal TypeSpecify the Journal type as either Exchange Envelope Journaling (EEJ) or Standard EML

    Mimecast supports Journaling of emails (EML) in standard MIME format (without the EEJ wrapper), and emails journaled in EEJ format.  Standard emails (EML) files can only be assigned to mailboxes based on the message headers (which may not be reliable, and does not include BCC recipients).  Exchange Envelope Journal emails are the preferred option in terms of accuracy when determining the recipients for an email.

     

    An additional feature of the Exchange Envelope Journaling service is that it “steps down” to handle incorrectly enveloped messages in an EEJ mailbox.  On occasions, journal mailboxes may receive non-envelope journaled emails. These messages would normally cause the journal service to fail. Mimecast auto-detects these malformed messages and absorbs them as normal emails, even though the journal mailbox is set to EEJ.

    EncryptedThis checkbox is selected by default, but is not required. If checked, Mimecast will only accept Journal messages over TLS. Journal messages not sent over TLS will be rejected.
    Prefer Clear Text VersionEnable this option for Active Directory Rights Management Services protected journal items.
    Journal Non Internal AddressesWhen enabled, items processed by the Journal Connector that do not hold any internal addresses will be archived.
    Journal Unknown Internal AddressesWhen enabled, items processed by the Journal Connector that are sent from or sent to unknown internal addresses will be archived.
  8. Once completed, click Save and Exit:

    journalDef7.png

This concludes the steps involved in creating a Journal Definition in Mimecast.

 

Create a Journal Sub Domain in Mimecast

 

To accomplish this:

  1. Navigate to Administration | Directories | Internal Directories.
  2. Click the Register New Domain button from the top of the page. This displays a three stage wizard process:

    addDomain.png
  3. Review the information displayed, then type the name of the new Domain in the appropriate field:

    addDomain1.png
  4. Click the Get Verification Code button to continue:

    addDomain2.png
  5. You'll notice that step two is skipped because your parent domain already exists:

    addDomain3.png

This concludes the steps involved in creating the Journal Sub Domain in Mimecast. If you need to edit the sub domain, see Email Domains.

 

Configure an External Contact in Exchange 2013

 

The next step is to create an External SMTP Contact using the following format: journaling@journal.domain.com

Where domain.com is the primary SMTP domain.

To accomplish this, do the following from within your Exchange 2013 environment:

  1. In the Exchange Admin Center (EAC), navigate to Recipients, and then select Mail Contact:

    journalContactWizard1.png
  2. Click on the + icon followed by Mail Contact.
    This displays the New Mail Contact popup window.
  3. Complete the Contact Information popup fields similar to below:
    By default under Organizational Unit (OU), the path to the Users container is displayed.
    To modify this field, click Browse, and then select the required OU.

    journalContactWizard3.png
  4. To complete the configuration, click the Save button.

 

This concludes the steps involved in creating an External Contact in Exchange 2013.

 

Configure Exchange 2013 Send Connector

 

The next step in this process is to configure the Exchange 2013 Send Connector from within the 2013 Exchange environment. This will enable archiving internal and external emails to the External SMTP contact created above.

 

To accomplish this, do the following from the Exchange 2013 environment:

  1. Open the Exchange 2013 Administration Center.
  2. Navigate to Mail Flow | Connectors:

    sendConnector1.png

  3. Click on the + icon to create a new Send Connector.
  4. Enter a Name for the connector, for example: Journal Send Connector to Mimecast. For Type, select Custom. When completed click Next:

    sendConnector2.png
  5. Under Network Settings select: Route mail through smart hosts radial button. When completed, click the + icon to add a smart host:

    sendConnector3.png

  6. Depending on your geographical location, use the table below to enter the Primary and Secondary Smart Hosts. When entering the Smart hosts, click Save when completed:

    sendConnector4.png

    RegionHostname
    North America

    us-smtp-journal-1.mimecast.com

    us-smtp-journal-2.mimecast.com

    Europe and Australia

    eu-smtp-journal-1.mimecast.com

    eu-smtp-journal-2.mimecast.com

    South Africa

    za-smtp-journal-1.mimecast.co.za

    za-smtp-journal-2.mimecast.co.za

    Australia

    au-smtp-journal-1.mimecast.com

    au-smtp-journal-2.mimecast.com

    Off Shore

    je-smtp-journal-1.mimecast-offshore.com

    je-smtp-journal-2.mimecast-offshore.com

  7. When both Primary and Secondary Smart Hosts have been entered, click Next:

    sendConnector5.png
  8. Under Smart Host Authentication, select the None radio button, then click Next:

    sendConnector6.png

  9. Specify the Address space for which the connector should route mail by clicking click the + icon to add a domain:

    sendConnector7.png
  10. Enter the following information and when completed click Save:
    • *Type: SMTP
    • *Full Qualified DOmain Name (FQDN): journal.domain.com
      Where journal.domain.com is the journal sub domain created in the Create a Journal Sub Domain in Mimecast section of this document.
    • *Cost: 1
      sendConnector8.png
  11. Click Next:

    sendConnector9.png
  12. Click the + icon:

    sendConnector10.png

  13. Select the transport server(s) that will associate with this connector. Click Add when the server(s) are selected and then click Ok:
    If running an environment with Edge Transport Servers, you'll need to push the Send Connector to Edge Transport Servers. Click on this check the Microsoft website for instructions on how to accomplish this.
    sendConnector11.png

  14. When the servers have been added, click Finish:

    sendConnector12.png

 

This concludes the steps involved in creating a Send Connector in Exchange 2013.

Check the Send Connector's properties to ensure there are no size limits set. By default, a 10mb size limit is set on the connector. This can cause larger messages to build up in your queues.

send_connct_prop.png

Enable Exchange 2013 Journaling

 

You're almost there. Lastly you'll need to enable Journaling from the Exchange 2013 environment.

Standard Journaling is allowed using the default Client Access Licenses from Microsoft.

To accomplish this, do the following from within Exchange 2013:

 

  1. Navigate to Servers | Database and click on a database:

    journalStand1.png
  2. Click the Edit icon to go into the Database Properties:

    journalStand2.png

  3. Select the Maintenance and then click Browse:

    journalStand3.png

  4. Select the Mail Contact created earlier and then click OK:

    journalStand4.png

  5. Click Save to enable Journaling for that database:

    journalStand5.png
  6. Repeat the process for the other mailbox databases.
    Public Folder Databases cannot be journal enabled.

This concludes the configuration process.

 

Verify Exchange 2013 Journaling

 

Now that all the Journaling configuration is complete. It's time to verify that the connections are working.

 

To accomplish this, do the following from the Mimecast Administration Console:

  1. Log into the Mimecast Administration Console.
  2. Navigate to Administration | Services | Journaling:

    journalDef1.png
  3. Note the Service Status of the Journaling connector:

    journalVerify1.png

    IconService StatusDescription
    Pending.gifService Awaiting Initial RunOn initial configuration, the status icons for SMTP journal connectors will be orange, with a service status of Service Awaiting Initial Run
    Successful.gifService OKOnce the first message is received by the connector, the icon will change, and the status updated to Service Enabled
    Failed.gifService ErrorIf Mimecast cannot connect to the Journal connector and retrieve emails, the status will change to Service Error

    If the connector configuration is not successful, please see the Troubleshooting Journaling article.
  4. View the current list of Journaling items by clicking the Queue Details button:

    journalVerify2.png
    For Exchange Envelope Journal Format (EJF), the actual recipient is displayed as the sender and the journal address as the recipient.

Now that journaling has been configured and working for Exchange 2013, you can move on to step 5 in the connect process; Connect

1 person found this helpful

Attachments

    Outcomes