Exchange 2016 Journaling

Document created by user.oxriBaJeN4 Employee on Jun 20, 2016. Last modified by user.oxriBaJeN4 Employee on Mar 27, 2017.
Version 10


This guide details the steps involved in configuring standard or premium journaling for Exchange 2016, including the configuration of the Mimecast ecosystem. The processes for standard and premium journaling are very similar. The only differences are in the Enabling Journaling section.

A journal connector, complete with an internal journal domain and journal contact, is automatically created for all Mimecast journaling subscriptions created after 26 March 2015. If your Mimecast subscription was created before this date, or you want to add an additional journal connector, you'll need to manually add a journal domain, journal address, and journal connector as detailed below:

 

              
Domain / Contact | Value | Comments
Domain | journal.domain.com | Where domain.com is the domain your organization provided as your primary mail domain.
Contact | journaling@journal.domain.com | Where domain.com is the domain your organization provided as your primary mail domain. Use this contact as the mail attribute for the external contact you create in Exchange to send journal messages to.
  

Creating a Journal Definition in Mimecast

 

To create a journal definition in Mimecast:

  1. Log in to the Administration Console.
  2. Click on the Administration | Services | Journaling menu item. Any existing definitions are displayed.
  3. Click on the New Journal Service Definition button.
  4. Complete the Journal Service Properties section as follows:

    Field / Option | Description
    Description | Enter a description for the definition (e.g. Exchange Journal Connector).
    Transport Type | Select SMTP from the drop down list.
    Disabled | Leave this option unchecked. This option allows journal services to be taken offline without removing the definition. If checked, journaling is suspended, and any error conditions related to the connection are reset. This is useful if a journal mailbox is going to be offline for an extended period. When the journal mailbox is once again available, be sure to enable activity before removing the check. Any changes made to this option are recorded in the event log.

      
  5. Complete the Connection Properties section as follows:

    Field / Option | Description
    Service Email Address | Enter your domain's journaling email address (e.g. journaling@journal.domain.com, where domain.com is the primary domain). You'll be using the Service Email Address throughout the rest of the Journal configuration process.
    Mailbox Name | Specify a journal mailbox name. This will be the user Mimecast uses when logging in to the journal mailbox.
    Password | Specify a journal mailbox password.
    Hostname / IP Address | Specify the hostname or public IP address where the journal mailbox is housed. Your firewall must be configured to allow inbound POP3 / POP3S traffic from Mimecast to this address. Authorized outbound IP addresses are automatically allowed, therefore this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges.
    Port | Specify the TCP/IP port to be used for the communication. This will either be 110 for POP3, or 995 for POP3S.
    Journal Type | Specify the Journal type. Mimecast supports Exchange Envelope Journaling (EEJ) or Standard EML. Exchange Envelope Journal (EEJ) emails are the preferred option in terms of accuracy when determining the recipients for an email. It also "steps down" to handle incorrectly enveloped messages in an EEJ mailbox. On occasion, journal mailboxes may receive non-envelope journaled emails, causing the journal service to fail. Mimecast auto-detects these malformed messages and absorbs them as normal emails, even though the journal mailbox is set to EEJ. Standard EML journaling is in MIME format without the EEJ wrapper. EML files can only be assigned to mailboxes based on the message headers. These may not be reliable, and do not include BCC recipients.
    Encrypted | This option is selected by default, but is not required. If checked, Mimecast only accepts journal messages over TLS. Journal messages not sent over TLS will be rejected. Check if the connection should be encrypted, and journal emails are only pulled using POP3S.
    Encryption Mode | If the "Encrypted" option is checked, this specifies the encryption mode. Strict mode is recommended. Relaxed mode permits encryption with self-signed certificates and other valid certificates, which may not have a complete trust chain. This option can only be set by Mimecast Support.
    Remove Journal Headers | If checked, potentially sensitive journal headers that Microsoft Exchange might have added are removed. Headers that are removed are X-MS-Exchange-Organization-BCC and X-MS-Exchange-CrossPremises-BCC. All other headers are respected.
    Detailed Logging | If checked, Mimecast Support can troubleshoot failed journal mailboxes.
    Journal Non-Internal Addresses | If checked, items processed by the journal connector that do not hold any internal addresses are archived.
    Journal Unknown Internal Addresses | When checked, items processed by the journal connector that are sent from or sent to unknown internal addresses are archived.
  6. The Service Status section is a display only section displaying the following information:

    Field | Description
    Service Status | Displays your current journaling status.
    Last Successful Extract | Displays the date and time of your last successful archive. "Awaiting Initial Run" is displayed if you are creating a definition.
    Processing Queue | Displays the amount of journal mail received by us that is currently being processed.
    POP3 Mailbox Queue | Displays the number of emails in the POP3 mailbox the last time we connected to the journal mailbox.
  7. Click the Save and Exit button.


Creating a Journal Sub Domain in Mimecast

 

To create a journal sub-domain in Mimecast:

  1. Log in to the Administration Console.
  2. Click on the Administration | Directories | Internal Directories menu item.
  3. Click the Register New Domain button. A three step wizard is displayed.
  4. Enter the Sub-Domain in the Domain Name field.
  5. Click the Get Verification Code button.

    Step two is not required because your parent domain already exists. Once the sub-domain has been verified, the step three dialog is displayed.

  6. Click the Finish button to conclude the addition of the sub-domain.

Should you need to change a sub domain, read the Email Domains page.

  

Creating an External Contact in Exchange 2016

 

To create an external contact in Exchange 2016:

  1. Log in to the Exchange Admin Center.
  2. Click on the Recipients menu item on the left of the page.
  3. Click on the Contacts link at the top of the page.
  4. Click the + icon to display a popup menu.
  5. Click the Mail Contact menu item.
  6. Complete the New Mail Contact dialog as follows:

    Field / Option | Description
    First Name | Enter a first name for the journaling contact (e.g. SMTP).
    Initials | This field is not required, and can be left blank.
    Last Name | Enter a last name for the journaling contact (e.g. Journaling).
    Display Name / Name | These fields display a concatenation of the First Name and Last Name fields, and can be left with the default values. If the above examples are used, the display name is "SMTP Journaling".
    Alias | Enter an alias for the contact (e.g. Journaling).
    External Email Address | Enter the journaling contact email address (e.g. journaling@journal.domain.com, where "domain.com" is your primary SMTP domain).
  7. Click the Save button.

 

Creating an Exchange 2016 Send Connector

 

Next you must configure the Exchange 2016 Send Connector. This enables archiving of internal and external emails to the external SMTP contact created in the "Creating an External Contact in Exchange 2016" section above.

 

To configure the Exchange 2016 send connector:

  1. Log in to the Exchange Admin Center.
  2. Click on the Mail Flow menu item at the left of the page.
  3. Click the Send Connectors link at the top of the page.
  4. Click the + icon to display a popup dialog.
  5. Complete the Select Your Mail Flow Scenario dialog as follows:

    Field / Option | Description
    Name | Enter a name for the connector (e.g. Journal Send Connector to Mimecast).
    Type | Select the "Internet (For example, to send internet mail)" option.
  6. Click the Next button. The New Send Connector dialog is displayed.
  7. Select the Route Mail Through Smart Hosts option.
  8. Click the + icon. The Add Smart Hosts dialog is displayed.
  9. Make a note of the Primary / Secondary Smart Hosts for your region by referring to the Mimecast Gateway page.
  10. Enter the Primary Smart Host for your region. 
  11. Click the OK button. The primary smart host is displayed in the list.
  12. Repeat steps 8 to 11 to enter the Secondary Smart Host for your region.
  13. Click the Next button.
  14. Click the None value in the "Smart Host Authentication" section.

  15. Click the Next button.
  16. Click the + icon to specify the Address Space the connector should route mail to.
  17. Complete the Add Domain dialog as follows:

    Field / Option | Value
    Type | SMTP
    Full Qualified Domain Name (FQDN) | journal.domain.com. This is the journal sub domain created in the "Creating a Journal Sub Domain in Mimecast" section of this document.
    Cost | 1
  18. Click the Save button. The Address Space is displayed in the list.

  19. Click the Next button. The Source Server section is displayed.
  20. Click the + icon to add the transport server(s) associated with this connector.
  21. Click on the Mailbox Servers that you want to use to send outbound mail to Mimecast.
    If running an environment with Edge Transport Servers, you'll need to push the Send Connector to the Edge Transport Servers. Check the Microsoft website for instructions on how to accomplish this.
  22. Click the Add button.
  23. Click the OK button.
  24. Click the Finish button.

 

Enabling Exchange 2016 Journaling

Standard Journaling is allowed using the default Client Access licenses from Microsoft.

To enable journaling:

  1. Log in to the Exchange Admin Center.
  2. Click on the Servers menu item at the left of the page.
  3. Click the Databases link at the top of the page.
  4. Ensure the required Database is selected.
  5. Click the Edit icon. The Database Properties are displayed.
  6. Click on the Maintenance menu item on the left.
  7. Click the Browse button. A list of Mail Contacts is displayed.


  8. Click on the Mail Contact created in the "Creating an External Contact" section of this page (e.g. "SMTP Journaling").
  9. Click the OK button.
  10. Click the Save button. Journaling is enabled for the database.
  11. Repeat steps 4 to 10 for the other mailbox databases.
    Public folder databases cannot be journal enabled.
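
The three Exchange-side procedures above (mail contact, send connector, database journaling) can also be carried out from the Exchange Management Shell. The script below is an added example, not part of the original guide: the smart host and server names are placeholders, and it assigns the journal recipient to every mailbox database rather than one at a time.

```powershell
# Added example for the Exchange Management Shell (Exchange 2016).
# Placeholder values (assumptions): replace before running.
$JournalAddress = 'journaling@journal.domain.com'  # Service Email Address in Mimecast
$JournalDomain  = 'journal.domain.com'             # journal sub-domain registered in Mimecast
$SmartHosts     = 'primary-smarthost.example', 'secondary-smarthost.example'  # placeholders for your region's hosts
$SourceServers  = 'MBX01', 'MBX02'                 # hypothetical Mailbox server names
$ConnectorName  = 'Journal Send Connector to Mimecast'

# 1. External contact: First Name "SMTP", Last Name "Journaling", Alias "Journaling".
#    -Filter returns nothing (no error) when the contact does not exist yet.
if (-not (Get-MailContact -Filter "Alias -eq 'Journaling'")) {
    New-MailContact -Name 'SMTP Journaling' -FirstName 'SMTP' -LastName 'Journaling' `
        -Alias 'Journaling' -ExternalEmailAddress $JournalAddress | Out-Null
}

# 2. Send connector: Internet type, smart host routing, no smart host authentication.
#    The address space is limited to the journal sub-domain (cost 1), so only
#    journal mail is routed through this connector.
if (-not (Get-SendConnector | Where-Object Name -eq $ConnectorName)) {
    New-SendConnector -Name $ConnectorName -Usage Internet `
        -AddressSpaces "SMTP:$JournalDomain;1" -DNSRoutingEnabled $false `
        -SmartHosts $SmartHosts -SmartHostAuthMechanism None `
        -SourceTransportServers $SourceServers | Out-Null
}

# 3. Journal recipient on every mailbox database (the guide does this per database).
Get-MailboxDatabase | Set-MailboxDatabase -JournalRecipient 'Journaling'

# 4. Review: any database without a journal recipient is a gap in archive coverage.
$Unjournaled = Get-MailboxDatabase | Where-Object { -not $_.JournalRecipient }
if ($Unjournaled) {
    Write-Warning ('Databases without a journal recipient: ' + ($Unjournaled.Name -join ', '))
}

# If "Encrypted" is checked in the Mimecast definition, journal mail not sent
# over TLS is rejected, so review the connector's TLS-related settings too.
Get-SendConnector | Where-Object Name -eq $ConnectorName |
    Format-List Name, AddressSpaces, SmartHosts, SmartHostAuthMechanism, RequireTLS, IgnoreSTARTTLS
```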

 

Verifying Exchange 2016 Journaling

 

To verify in Mimecast that Exchange 2016 journaling is working:

  1. Log in to the Administration Console.
  2. Click on the Administration | Services | Journaling menu item.
  3. Look for the Journal Connector Service Status icon in the right hand column:

    The icon has one of the following meanings:

    Icon | Service Status | Description
    Pending icon | Service Awaiting Initial Run | On initial configuration, the status icons for SMTP journal connectors will be orange, with a service status of "Service Awaiting Initial Run".
    Successful icon | Service OK | Once the first message is received by the connector, the icon changes, and the status is updated to "Service Enabled".
    Failed icon | Service Error | If we cannot connect to the journal connector and retrieve emails, the status changes to "Service Error". Read the Troubleshooting Journaling article for further information.

You can view the current list of journaling items by clicking the Queue Details button.

  
