This guide details the steps involved in configuring SMTP Journaling for Exchange 2010 and 2007 Premium (HUB Transport) and the requirements and steps to make it work within the Mimecast ecosystem.
If your Mimecast subscription includes the Journaling feature, and your service was provisioned after the 26th March 2015 you will find a Journal Connector has already been created for you, including an internal journal domain and journal address.
- The Journal Domain is automatically created as journal.domain.com, where domain.com is the domain your organization provided as your primary mail domain.
- The Journal Contact is automatically created as email@example.com.
Use this address as the mail attribute for the external contact you create in Exchange to send journal messages to.
If your Mimecast service was provisioned before this date, or you want to add an additional journal connector you will need to manually add a journal domain, journal address, and journal connector as detailed below.
Create a Journal Definition In Mimecast
The first step in configuring Journaling is to create a Journal Definition within the Administration Console.
To accomplish this, do the following:
- Sign into the Mimecast Administration Console.
- Navigate to Administration | Services | Journaling.
- Click on the New Journal Service Definition button:
- Under Journal Service Properties in the Description field, enter a relevant name for the definition:
- In Transport Type pull-down, select SMTP:
- Under Connection Properties enter a Service Email Address using the following format: firstname.lastname@example.org (where domain.com is the primary SMTP domain):
You'll be using the Service Email Address throughout the rest of the Journal configuration process.
- In the Additional Source IP Ranges field, provide the IP Addresses from which Mimecast will receive Journaled messages. Theses are typically the external IPs of the Transport Service in the environment:Authorized Outbound IP addresses are automatically allowed, therefore this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges.This field is expecting the IP Address with a CIDR mask, so ranges can be added in a single line. The proper syntax for a single address is /32.Other configurable values on the page are:
Field Description Disabled Allows journal services to be taken offline without removing the Journal Service Definition. Using the disabled option will result in the journal service being suspended, and any error conditions related to the connection will be reset. This is useful if a journal mailbox is going to be offline for an extended period of time. When the journal mailbox is once again available, be sure to enable activity before removing the check.
Any changes made to this checkbox are recorded in the event log.
Use SMTP Authentication Can be enabled for enhanced security features. Once checked, this produces an additional field where a password should be entered. This password, along with the journal email address will be used as the SMTP-AUTH credentials.
In order to make use of the authentication option, an SMTP Send Connector is required on the Exchange server for SMTPJournaling.
Initial Process Delay Advanced configuration options that should be left as the default values (default = 0), unless working on a Journaling issue with Mimecast Support. Determines the time to wait before attempting to match a message to the archive Delivery Wait Attempts Advanced configuration options that should be left as the default values (default = 3), unless working on a Journaling issue with Mimecast Support. Determines the number of tries the system attempts to match a message before it is archived Period of Inactivity Allowed Defines how long the SMTP connector is allowed to be inactive without receiving any messages, before it is reported as being "down" (default = 180 minutes). Consider the setting carefully according to your Exchange Server environment. For example, if you operate in an environment with low email volumes, the connector is likely to handle a small Exchange database. Therefore, you can set this value to a much higher value than the default to cater for quiet periods (e.g. overnight) and/or smaller email databases Journal Type
Specify the Journal type as either Exchange Envelope Journaling (EEJ) or Standard EML
Mimecast supports Journaling of emails (EML) in standard MIME format (without the EEJ wrapper), and emails journaled in EEJ format. Standard emails (EML) files can only be assigned to mailboxes based on the message headers (which may not be reliable, and does not include BCC recipients). Exchange Envelope Journal emails are the preferred option in terms of accuracy when determining the recipients for an email.
An additional feature of the Exchange Envelope Journaling service is that it “steps down” to handle incorrectly enveloped messages in an EEJ mailbox. On occasions, journal mailboxes may receive non-envelope journaled emails. These messages would normally cause the journal service to fail. Mimecast auto-detects these malformed messages and absorbs them as normal emails, even though the journal mailbox is set to EEJ.
Encrypted This checkbox is selected by default, but is not required. If checked, Mimecast will only accept Journal messages over TLS. Journal messages not sent over TLS will be rejected. Prefer Clear Text Version Enable this option for Active Directory Rights Management Services protected journal items. Journal Non Internal Addresses When enabled, items processed by the Journal Connector that do not hold any internal addresses will be archived. Journal Unknown Internal Addresses
When enabled, items processed by the Journal Connector that are sent from or sent to unknown internal addresses will be archived.
- Once completed, click Save and Exit:
Create a Journal Sub Domain in Mimecast
To accomplish this, do the following:
- Navigate to Administration | Directories | Internal Directories.
- Click the Register New Domain button from the top of the page. This displays a three stage wizard process:
- Review the information displayed, then type the name of the new Domain in the appropriate field:
- Click the Get Verification Code button to continue:
- You'll notice that step two is skipped because your parent domain already exists:
This concludes the steps involved in creating the Journal Sub Domain in Mimecast.
If you'd need to edit the sub domain, please see Email Domains.
Configure an External Contact in Exchange 2010 or 2007 Premium
The next step is to create an External SMTP Contact. This is the journaling address that was created in the Administration Console (step 6 in "Create a Journal Definition in Mimecast" in this document), and should be in the following format: email@example.com
To accomplish this, do the following from within your Exchange 2010 or 2007 environment:
- In the Exchange Admin Console (EAC), navigate to Microsoft Exchange on-premise>Organization Configuration>Recipient Configuration>Mail Contact and then either right-click in the open space and select New Mail Contact or under Actions on the right-hand side, select New Mail Contact:
- The New Mail Contact Wizard appears. Under Create a mail contact for: select the New Contact radio button and then click Next:
- Complete the Contact Information popup fields similar to below:
- Add an External email address by clicking the Edit button:
- In the Email address field, enter the external contact address and then click OK:
- Click Next:
- Verify the settings and the page should look similar to the one below. When completed, click New:
- Click Finish when completed:
This concludes the steps involved in creating an External Contact in Exchange 2010 or 2007.
Configure Exchange 2010 or 2007 Standard Send Connector
The next step in this process is to configure the Exchange 2010 or 2007 Standard Send Connector from within the 2010 or 2007 Exchange environment. This will enable archiving internal and external emails to the External SMTP contact created above.
To accomplish this, do the following from the Exchange 2010 or 2007 environment:
- Open the Exchange 2010 or 2007 Administration Console (EAC).
- In the EAC, navigate to Microsoft Exchange on-premise>Organization Configuration>Hub Transport and then either click the Send Connectors tab and right-click in the open space and select New Send Connector or under Actions on the right hand side, select New Send Connector:
- The New Send Connector Wizard launches. Enter a Name for the connector, for example: Mimecast Journaling Send Connector. Under Select the intended use for this Send Connector click the pull-down and select Custom. When completed click Next:
- Specify the address space to which the connector will route mail by clicking + Add... and selecting SMTP Address Space...:
- The SMTP Address Space pop-up appears, in the Address space field, enter the journaling sub domain name for the connector:
- Make sure Include all subdomains is checked then set the Cost field to 1. Click OK when completed:
- Click Next:
- Under Network settings select the Route mail through the following smart hosts: radio button then click the + Add... button to add the Smart Hosts:
- The Add smart host pop-up appears. Click the Fully qualified domain name: radio button. Depending on your geographical location, use the table below to enter your regions Primary and Secondary Smart Hosts in the FQDN field. Click OK when completing each entry:
Primary Smart Host
Secondary Smart Host
Region Hostname North America
Europe and Australia
- When the Smart Hosts have been entered, click Next:
- Under Configure smart host authentication settings, select the None radio button and then click Next:
- Associate the connector with the HUB Transport server by clicking the + Add... button:
- Select the HUB Transport server(s) that will associate with this Send Connector and then click OK:If running an environment with Edge Transport Servers, you'll need to push the Send Connector to Edge Transport Servers. See the Configure Internet mail flow through an Edge Transport server without using EdgeSync page on the Microsoft website for instructions on how to accomplish this.
- Click Next:
- Review and then Click New to continue:
- Click Finish when completed.
This concludes the steps involved in creating a Send Connector in Exchange 2010 or 2007.
Enable Exchange 2010 or 2007 Premium Journaling
You're almost there. Lastly you'll need to enable Premium Journaling from the Exchange 2010 or 2007 environment.
Premium Journaling requires Enterprise CALs from Microsoft.
To accomplish this, do the following from within Exchange 2010 or 2007:
- In the Exchange Admin Console (EAC), navigate to Microsoft Exchange on-premise>Organization Configuration>Hub Transport and under HUB Transport select the Journal Rules tab and then right-click in the open space and select New Journal Rule or under Actions>HUB Transport on the right-hand side, select New Journal Rule: In Exchange 2007, the Journal Rules tab may read Journaling instead.
- Enter a distinct name for the Rule name field. For example: Journal Internal Mail to Mimecast and then click Browse next to the Send Journal reports to e-mail address field to select the Contact created earlier:
- In the Search field, enter journal and then click Find Now. Select the mail contact you created earlier. It should look similar to below:
- Click OK when completed:
- Under Scope select Global and then make sure the Enable Rule check box is selected. When completed click New:
- Review and Click Finish to complete:
This concludes the configuration process.
Verify Exchange 2010 or 2007 Premium Journaling
Now that all the Journaling configuration is complete. It's time to verify that the connections are working.
To accomplish this:
- Log in to the Administration Console.
- Navigate to Administration | Services | Journaling.
- Note the Service Status of the Journaling connector:If the connector configuration is not successful, please see the Troubleshooting Journaling article.
- View the current list of Journaling items by clicking the Queue Details button:For Exchange Envelope Journal Format (EJF), the actual recipient is displayed as the sender and the journal address as the recipient.
Now that journaling has been configured and working for Exchange 2010 or 2007, you can move on to step 5 in the connect process; Connect