About Archiving for Microsoft Exchange Server

(1)

Setup Guide

Revision A

McAfee SaaS Email Archiving Service

Configuring Microsoft Exchange Server 2013

About Email Archiving for Microsoft

Exchange Server

The McAfee SaaS Email Archiving service stores email messages from a journal mailbox on your Microsoft Exchange Server and associates those messages with user accounts. Users can then log on to the Control Console and view their archived messages. Additionally, Email Archiving allows you to store all of your previously sent and received messages using a historical mailbox.

The role of envelope journaling in archiving messages

Email Archiving requires that you enable the envelope journaling feature of your Microsoft Exchange Server.

The journaling feature of Exchange Server creates a copy — or journal — of all the email messages that the server sends or receives. Using envelope journaling ensures that the BCC and distribution list recipients are captured and archived in addition to the primary sender and recipient.

After journaling is enabled, the Exchange Server sends copies of all email to a dedicated mailbox called the journal recipient mailbox. From here, the Email Archiving service can retrieve your email and archive it.

Email Archiving stores messages for a user even after that user has been removed from the Active Directory and the Exchange Server.

Associating messages with users in Email Archiving

Email Archiving automatically associates newly archived email messages with user accounts in the Control Console. This process ensures that individual users are able to view their archived messages in the Email Archiving tab of the Control Console.

1

(2)

Archiving historical messages

You can archive historical messages in addition to your active mail, however the process for historical messages does not use journaling.

Historical messages include all of the messages that were on your mail server before setting up Email Archiving. In order to archive these messages, you can:

• Pay for the Managed Import Service — ask your sales representative for details.

• Upload historical messages by setting up a designated historical mail source in the Control Console

— at no extra charge.

If you choose to upload historical messages, complete these activities:

• Create a user mailbox on the Exchange Server and place your historical messages into the inbox.

• Set up a Historical Mail Source in the Control Console and connect it to your historical mailbox.

• Enable the Historical Mail Source. Messages that are placed into the inbox of your historical mailbox are then automatically imported into Email Archiving. After they are archived, your messages are deleted from the historical mailbox. Messages in subfolders are not imported.

For more information, see the McAfee SaaS Email Archiving Administrator Guide or the Control Console Help.

Do not turn on journaling for your historical mailbox.

Preparing for setup

Complete the following tasks before configuring the journaling mailbox in Exchange Server.

• Add your users in the Account Management tab of the Control Console — Adding your users before you configure Email Archiving ensures that your users have access to their archived mail. Otherwise, access is restricted to the Customer Administrator.

• Verify that the Email Archiving service IP address space can communicate with your network — check with your Firewall/Intrusion Prevention System vendor if you have questions.

• Set the maximum message size in Exchange Server to 50 MB —Email Archiving supports messages up to 50 MB.

• Select a journaling type.

• Standard — Standard journaling is easier to implement and allows you to quickly enable journaling for all the users on a storage database. If you want to archive all of your users, McAfee recommends setting up standard journaling on each of your storage databases.

• Premium — Premium journaling is more complex to implement, but it allows you to set up rules-based journaling. For example, you can enable journaling for specific users on a database.

Premium journaling also requires that you purchase an Exchange Server Enterprise client access license (CAL). Finally, you should configure journaling agents on the appropriate Hub Transport servers.

IMAP is the recommended protocol for all setup activities in Email Archiving.

(3)

Setting up Exchange Server 2013

Configure and enable the journal mailbox that you use to archive email.

Tasks

• Add a journal mailbox on page 3

Create a journal mailbox on your server.

• Configure the journal mailbox on page 6

Edit the default configuration of the new mailbox.

• Set up journaling on page 15

Configure the system to use your journal mailbox for journaling purposes.

• Configure additional server options on page 18

Complete additional security and journaling configuration options.

Add a journal mailbox

Create a journal mailbox on your server.

Tasks

• Access the administrative center on page 3

Go to the admin center and logon with your credentials.

• Add a recipient mailbox on page 5

Create a mailbox and designate it as the journal mailbox.

Access the administrative center

Go to the admin center and logon with your credentials.

Task

1 Navigate to the administrative center.

You can open the site directly from the server or from a browser on the network.

• Select Start | All Programs | Microsoft Exchange Server 2013 | Exchange Administrative Center.

• Open your browser and navigate to the server. For example, https://

exchange-2013.example.com.

The Exchange Administrative Center page appears.

2 Log on to the site.

3

(4)

a Enter your domain and user name.

Use the format: exampledomain\examplename b Enter your password.

3 Click sign in.

The Exchange Administrative Center page opens to the list of mailboxes.

(5)

Add a recipient mailbox

Create a mailbox and designate it as the journal mailbox.

Task

1 On the left, click recipients. Across the top, click mailboxes.

This page is the default view when you first log on.

2 Click the + icon to add a mailbox, select User mailbox.

The new user mailbox window appears.

5

(6)

3 Complete the required fields for the new user mailbox.

Field Action

Alias Enter the alias. For example, journalmailbox.

The alias is the part of the email address to the left of the @ sign. It must be unique.

New user Select New user.

Display name Enter the display name. Use the same name as the alias.

Name Enter the name. Use the same name as the alias.

User logon name Enter the user logon name. Use the same name as the alias.

New password Enter the password for the user logon.

Confirm password Enter the password again to confirm.

4 Click save.

The new mailbox appears in the list.

Configure the journal mailbox

Edit the default configuration of the new mailbox.

(7)

Tasks

• Hide the journal mailbox on page 7

Modify the journal mailbox so that it does not appear in your address lists.

• Set the maximum message size on page 8 Configure the maximum message size to 50 MB.

• Restrict mail flow to the journal mailbox on page 10

Prevent incoming mail from being sent directly to the mailbox by updating the message delivery restrictions.

• Remove storage limits that apply to the journal mailbox on page 13

Modify the settings that limit the size of the mailbox and the retention period to ensure that all messages are archived.

Hide the journal mailbox

Modify the journal mailbox so that it does not appear in your address lists.

Hiding the address helps prevent unwanted email from going directly to the mailbox.

Task

1 Edit the journal mailbox.

a Log on to the Exchange Administrative Center.

b On the left, click recipients, across the top, click mailboxes.

c Select the display name for your journal mailbox and click the edit icon.

The user mailbox window appears.

7

(8)

2 Select the Hide from address lists checkbox.

3 Click save.

The edit window closes and the mailbox list refreshes.

Set the maximum message size

Configure the maximum message size to 50 MB.

Task

(9)

2 On the left, click mailbox features.

3 Scroll down to Mail Flow and under Message Size Restrictions, click View details.

The message size restrictions window appears.

4 Set restrictions.

9

(10)

a Under Received messages, select Maximum message size (KB):.

b Enter 50000.

c Click ok.

The window closes.

5 Click save.

Restrict mail flow to the journal mailbox

Prevent incoming mail from being sent directly to the mailbox by updating the message delivery restrictions.

Task

(11)

2 On the left, click mailbox features.

3 Scroll down to Mail Flow and under Message Delivery Restrictions, click View details.

The message delivery restrictions window appears.

11

(12)

4 Under Accept messages from:, select Only senders in the following list.

5 Click + to add select an email address.

The Select Members window opens.

(13)

6 Select the display name for the journal mailbox, click ok.

The window closes.

7 Click ok again.

The window closes.

8 Click save.

Remove storage limits that apply to the journal mailbox

Modify the settings that limit the size of the mailbox and the retention period to ensure that all messages are archived.

Task

13

(14)

2 On the left, click mailbox usage.

3 Click the more options... link.

Options for quota settings and retention settings appear.

4 Select Customize the quota settings for this mailbox.

The remaining drop-downs are active.

5 Select unlimited for each value.

• *Issue a warning at (GB)

• *Prohibit send at (GB)

• *Prohibit send and receive at (GB)

6 Select Customize the retention settings for this mailbox.

7 Enter a large value in the field for *Keep deleted items for (days).

Give the system enough time for messages to be archived before they are discarded.

For example, a value of 365 would give the system up to a year to complete archiving.

8 Click save.

(15)

Set up journaling

Configure the system to use your journal mailbox for journaling purposes.

Complete one of the following tasks depending on the type of journaling you want to use.

• Standard journaling — enable journaling on the server.

• Premium journaling — configure a global journal rule.

Tasks

• Enable journaling on the server on page 15

Configure the mailbox database and select your journal maibox.

• Configure a global journal rule on page 16

Create a rule to journal all messages on the server.

Enable journaling on the server

Configure the mailbox database and select your journal maibox.

Task

1 Log on to the Exchange Administrative Center.

2 On the left, click servers. Across the top, click databases.

3 Select the mailbox database and click the edit icon.

The Mailbox database window appears.

15

(16)

4 On the left, click maintenance.

5 Click browse... to select a journal recipient.

6 Select the name of journal mailbox and click ok.

7 Click save.

Configure a global journal rule

Create a rule to journal all messages on the server.

Before you begin

To use premium journaling, you must have an Enterprise Client Access License (CAL).

Task

2 On the left, click compliance management.

The page refreshes.

(17)

3 Across the top, click journal rules.

4 Click the + icon to add a journal rule.

The Journal Rule window appears.

5 Select options for the rule.

17

(18)

• *Send journal reports to: — Enter the email address for your journal mailbox. For example, [email protected]

• Name: — Give the rule a name. For example, Global Journaling Rule.

• *If the message is sent to or received from... — Select [Apply to all messages].

• *Journal the following messages... — Select All messages.

6 Click save.

The new rule appears in the list.

Configure additional server options

Complete additional security and journaling configuration options.

Tasks

• Verify that TLS is selected for IMAP on page 18

Ensure that you are using a secure TLS connection for IMAP4.

• Block the journaling of health-monitoring emails on page 19

Select a work-around to prevent the server from journaling health monitoring probes.

Verify that TLS is selected for IMAP

Ensure that you are using a secure TLS connection for IMAP4.

Task

2 On the left, select servers.

The server list appears.

3 Select your server name and click the edit icon.

The Exchange Server window appears.

4 On the left, select IMAP4.

The IMAP4 configuration appears.

5 Review your configuration.

(19)

• Verify that the Logon method value is Secure TLS connection.

• Verify that the Banner string value is The Microsoft Exchange IMAP4 service is ready.

6 Click save.

Block the journaling of health-monitoring emails

Select a work-around to prevent the server from journaling health monitoring probes.

The most effective work-around is to use a global override. This process disables the probes the emails.

For more information, read the Microsoft KB article, Managed Availability messages are journaled in Exchange Server 2013. http://support.microsoft.com/kb/2823959

Task

1 Run Start | Exchange Management Shell | Run as Administrator.

The Exchange Management Shell opens.

2 Enter the following commands:

Add-GlobalMonitoringOverride -Identity "FrontendTransport

\OnPremisesSmtpClientSubmission" -PropertyName Enabled -PropertyValue 0 -ApplyVersion

"15.0.620.29" -ItemType Probe

Add-GlobalMonitoringOverride -Identity "MailboxTransport\Mapi.Submit.Probe" -PropertyName Enabled -PropertyValue 0 -ApplyVersion "15.0.620.29" -ItemType Probe

Add-GlobalMonitoringOverride -Identity "FrontendTransport

\OnPremisesInboundProxy" -PropertyName Enabled -PropertyValue 0 -ApplyVersion

"15.0.620.29" -ItemType Probe

19

(20)

3 Restart the following services:

• Microsoft Exchange Diagnostics

• Microsoft Exchange Health Manager

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and