Archiving with MS Exchange Server
Copyright 2011 by REDDOXX GmbH

REDDOXX GmbH
Neue Weilheimer Str. 14
73230 Kirchheim
Fon: +49 (0)7021 92846-0
Fax: +49 (0)7021 92846-99
email: info@reddoxx.com
Internet: http://www.reddoxx.com
Support: http://support.reddoxx.net

Revision number: 1.4
Approved & published: 25.07.2014

This manual was prepared with great care. However, REDDOXX GmbH and the author cannot assume any legal or other liability for possible errors and their consequences. No responsibility is taken for the details contained in this manual. Subject to alteration without notice. REDDOXX GmbH does not enter into any responsibility in this respect. The hardware and software described in this manual is provided on the basis of a license agreement.

This manual is protected by copyright law. REDDOXX GmbH reserves all rights, especially for translation into foreign languages. No part of this manual may be reproduced in any way (photocopies, microfilm or other methods) or transformed into machine-readable language without the prior written permission of REDDOXX GmbH. The latter especially applies for data processing systems. REDDOXX GmbH also reserves all communication rights (lectures, radio and television).

The hardware and software names mentioned in this manual are most often the registered trademarks of the respective manufacturers and as such are subject to the statutory regulations. Product and brand names are the property of REDDOXX GmbH. This issue replaces all earlier ones and orients itself on the appliance with respect to naming.
Table of Contents

1 Introduction
  1.1 General requirements
  1.2 Supported versions
  1.3 User authentication
  1.4 POP3 polling (fetch) vs. SMTP delivery
2 Configuration of MS Exchange Server
  2.1 MS Exchange Server 2003
    2.1.1 Requirements
    2.1.2 Best practice
    2.1.3 Configuration
      2.1.3.1 Installation and activation of the MS Exchange Envelope Journaling
      2.1.3.2 Create a new user with mailbox
      2.1.3.3 Activation of the journaling mailbox
  2.2 MS Exchange Server 2007
    2.2.1 Requirements
    2.2.2 Best practice
    2.2.3 Configuration
      2.2.3.1 Create a new user with mailbox
      2.2.3.2 Activation of the journaling mailbox
  2.3 MS Exchange Server 2010
    2.3.1 Function methods
    2.3.2 Best practice
    2.3.3 Configuration of email polling fetched via POP3
      2.3.3.1 Create a mailbox for the Journal recipient
      2.3.3.2 Configuration of the journaling mailbox
      2.3.3.3 Activation of the POP3 Service
    2.3.4 Configuration of email delivery via SMTP
      2.3.4.1 Create a new Mail contact
      2.3.4.2 Configuration of the Journal recipient
      2.3.4.3 Setting up an SMTP Send connector
        2.3.4.3.1 Address Space
        2.3.4.3.2 Network configuration
        2.3.4.3.3 Authentication configuration
  2.4 MS Exchange Server 2013
    2.4.1 Description
    2.4.2 Configuration steps
    2.4.3 Configuration of email polling fetched via pop3
      2.4.3.1 Create Journal mailbox
      2.4.3.2 Create Journal group and select users
      2.4.3.3 Create and configure Journal rule
      2.4.3.4 Activate POP3 Service
3 Configuration of the REDDOXX Appliance
  3.1 Configuration of the POP3 connector
  3.2 Preparation of the REDDOXX Appliance to receive Emails on the mail depot SMTP-connector
    3.2.1 Configuration of an Alias-IP-Address
    3.2.2 Configuration of the SMTP connector
1 Introduction

This manual describes how to set up an MS Exchange Server to archive internal emails in the REDDOXX MailDepot. The core technology is MS Exchange journaling, which means that every email is first duplicated. Depending on the specified transport rule, the duplicate usually ends up in a mailbox that the POP3 connector reads via POP3, or the duplicate is forwarded via SMTP to the REDDOXX SMTP connector. Delivery via SMTP is recommended because this service is direct and provides a safe process.

1.1 General requirements

For the following configuration work, you must be logged in to the MS Exchange server with administrator rights. Special requirements for the Exchange server are described, where needed, in the chapter for the respective server version.

1.2 Supported versions

MS Exchange Server is supported from version 2003. This guide contains configuration examples for versions 2003, 2007 and 2010.

1.3 User authentication

A dedicated user account is required to authenticate against the MS Exchange server. In the examples (screenshots) the user REDDOXX MSXAgent is used. You can also choose any user name that matches your naming rules. If the example user already exists, you can use it.

1.4 POP3 polling (fetch) vs. SMTP delivery

For Exchange Server 2010, Section 2.3 describes, in addition to the classic POP3 pick-up from the journaling mailbox, delivery via SMTP by means of a forwarding rule. Direct delivery via SMTP to the REDDOXX MailDepot has the advantage that emails are delivered to the MailDepot immediately upon receipt; the delay caused by the regular polling of the POP3 connector is avoided. Observe the notes, however. The POP3 connector has the advantage that the envelope is set correctly only when the POP3 connector is used.

NOTE
With delivery via SMTP, the queue on the Exchange server does not send NDRs if the REDDOXX MailDepot fails (including maintenance)!
2 Configuration of MS Exchange Server

2.1 MS Exchange Server 2003

2.1.1 Requirements

MS Exchange Server 2003 Service Pack 2 or higher

2.1.2 Best practice

- Installation and activation of MS Exchange Envelope journaling on MS Exchange Server
- Create a new user with a mailbox
- Activation of the journaling mailbox

2.1.3 Configuration

2.1.3.1 Installation and activation of the MS Exchange Envelope Journaling

MS Exchange Server Envelope journaling must be installed and activated on an MS Exchange Server 2003. Do the following:

1. Download the Microsoft Exchange Server envelope journaling module Exejcfg.exe from the following Internet address: http://www.microsoft.com/downloads/details.aspx?familyid=e7f73f10-7933-40f3-b07eebf38df3400d&displaylang=en
2. Double-click the file and extract the entire contents.
3. Open a command shell and change to the directory where the extracted files are located.
4. Activate envelope journaling by running the command exejcfg.exe -e
5. Verify that the command returns a successful result.

Illustration: Activate Envelope journaling
2.1.3.2 Create a new user with mailbox

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the MS Exchange server, click Start, point to All Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
3. In the Active Directory Users and Computers console, expand the view of the domain (+) and select Users.

Illustration: Active Directory Users and Computers

4. From the context menu, select Action, New and then User.
5. In the New Object - User dialogue, enter for the new journaling mailbox the user name (e.g. REDDOXX), the last name (e.g. MSX-Agent) and the user logon name (e.g. ReddoxxMSXAgent).

Illustration: Create a new User
6. Enter a password for the previously created user and repeat it in the Confirm password box. Make sure that the "User must change password at next logon" option is NOT set and that "Password never expires" is set.

Illustration: Create Password

7. For the previously created user, select "Create an Exchange mailbox" and leave the rest of the options as they are.

Illustration: Create Exchange mailbox

8. Click Next and then Finish. The user and the journaling mailbox have been created.
2.1.3.3 Activation of the journaling mailbox

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the MS Exchange server, click Start, All Programs, Microsoft Exchange and select System Manager.
3. In Exchange System Manager, expand Servers, the MS Exchange Server (example: Win2K DC) and the mailbox store group, right-click the mailbox store for which you want to enable journaling, and select Properties.

Illustration: Properties Mailbox store

4. In the Properties window, click General and check the option "Archive all messages sent or received by mailboxes on this store." Click Browse, then select Recipient.
5. In the "Select Recipients" window, select the mailbox that you created earlier (example: REDDOXX MSX-Agent) and click OK.

Illustration: Select Journal mailbox user

NOTE
Repeat this process for each mailbox store where journaling needs to be enabled.
2.2 MS Exchange Server 2007

2.2.1 Requirements

MS Exchange Server 2007 Service Pack 1 or higher

2.2.2 Best practice

- Create a new user with mailbox
- Activation of the journaling mailbox

2.2.3 Configuration

2.2.3.1 Create a new user with mailbox

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the Exchange Server, click Exchange Management Console.
3. In the Exchange Management Console, expand Recipient Configuration and select Mailbox.
4. Right-click Mailbox and select New Mailbox.

Illustration: Create new mailbox
5. In the Mailbox wizard, select User Mailbox.

Illustration: Create new mailbox

6. For the user type, select New user.
7. Enter First name and Last name. Select the corresponding domain for the User logon name. Choose a password and repeat it. The option "User must change password at next logon" must NOT be set.

Illustration: Enter User information
8. Select a Mailbox database. Leave the other options in this window unchanged.

Illustration: Select Mailbox database
9. A summary of the entered data is shown.
10. Click Finish.

Illustration: Completion of New mailbox
2.2.3.2 Activation of the journaling mailbox

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the Exchange Server, click Exchange Management Console.
3. In the Exchange Management Console, expand Server Configuration and select Mailbox.
4. In the middle area of the Exchange Management Console, select the Database Management tab and expand the storage group. Right-click the storage group for which you want to activate journaling and select Properties. Journaling will be activated for this storage group.

Illustration: Select Mailbox database
5. In the Properties window, select the General tab. Activate the check box Journal recipient and click the Browse button.

Illustration: Mailbox Database Properties

6. Select the mailbox that was just created, then click OK. Back in the Properties window, click Apply and OK.

Illustration: Select Recipient
2.3 MS Exchange Server 2010

2.3.1 Function methods

There are two ways to archive an email by using a MailDepot connector.

POP3
With the journaling mailbox, a copy of each internal email is created in the journaling mailbox. The REDDOXX POP3 connector then fetches and archives those copied emails.

SMTP
With journaling, a copy of each internal email is created and sent to a certain IP address. A transport rule defines that emails matching the domain must be forwarded by the send connector. The IP address or hostname of the REDDOXX MailDepot is specified as the target system. The REDDOXX Appliance can provide an IP alias exclusively for the REDDOXX MailDepot SMTP connector. This link shows detailed information about the configuration of the IP alias.

NOTE
With delivery via SMTP, the queue of the Exchange server cannot send NDRs if a failure occurs or the MailDepot is under maintenance.

2.3.2 Best practice

POP3 fetch
- Creation of a mailbox for the Journal recipient
- Configuration of the Mailbox journal
- Activate POP3 service

SMTP delivery
- Creation of a new email contact
- Configuration of the Journal recipient
- Set an SMTP send connector
- Adjust the Message Expiration Time-Out interval value
2.3.3 Configuration of email polling fetched via POP3

2.3.3.1 Create a mailbox for the Journal recipient

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the Exchange Server, click Exchange Management Console.
3. In the Exchange Management Console, expand Recipient Configuration and select Mailbox.
4. Right-click Mailbox and select New Mailbox.

Illustration: Create a new Mailbox
5. Select User mailbox and click Next.

Illustration: New Mailbox

6. Select New user and click Next.

Illustration: New Mailbox 2
7. Complete the fields accordingly and click Next.

Illustration: User information
8. Confirm the alias and click Next.

Illustration: Mailbox settings
9. Select "Don't create an archive" and click Next.

Illustration: Archive configuration for new user

10. Then click Next, New and Finish.
2.3.3.2 Configuration of the journaling mailbox

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the Exchange Server, click Exchange Management Console.
3. In the Exchange Management Console, expand Organization Configuration and select Mailbox.
4. At the top of the right-hand area, select the Database Management tab.
5. Right-click the Mailbox Database and select Properties.
6. Select the Maintenance tab and activate the check box Journal Recipient.
7. Click Browse and choose the journaling mailbox you created.

Illustration: Mailbox Database Properties
2.3.3.3 Activation of the POP3 Service

To make the POP3 service permanently available, its start-up mode must be set to automatic. Finally, the service needs to be started so that it is available immediately.

1. Start the Server Manager.
2. Expand the Configuration view and select Services.
3. Search for Microsoft Exchange POP3, right-click the service and select Properties.
4. On the General tab, select Start-up type and choose Automatic.
5. Start the POP3 service.

Illustration: Activate POP3 Service

2.3.4 Configuration of email delivery via SMTP
2.3.4.1 Create a new Mail contact

1. Log on to the Microsoft Exchange Server as a domain administrator.
2. On the Exchange Server, start the Exchange Management Console.
3. In the Exchange Management Console, expand Recipient Configuration and select Mail Contact.
4. Right-click and select New Mail Contact.

Illustration: New Email contact

Illustration: Create new Mail contact
5. Enter First name, Last name and Alias.
6. Click Edit and enter an SMTP email address whose domain does not actually exist. The forwarding rule will be bound to this domain.
7. Click Next, New and finally Finish.

NOTE
The domain of the external email address must not exist, but it needs to have a correct syntax.

Illustration: Contact Information
2.3.4.2 Configuration of the Journal recipient

Here you define the email address (email contact) to which the duplicate created by the journal is delivered. A journal recipient is always linked to a database. If you have mailboxes across multiple databases, the databases can be connected to the same journal recipient, provided these mailboxes are also to be archived. With this distribution method, certain mailboxes can be excluded from archiving.

1. In the Exchange Management Console, expand Organization Configuration and select Mailbox.
2. On the right side, select the Database Management tab.
3. Select the database of the mailboxes you want to archive, right-click it and choose Properties.

Illustration: Journal Recipient configuration
4. Select the Maintenance tab.
5. Activate the check box Journal Recipient.
6. Click Browse, choose the email contact you created and finish by clicking OK.

Illustration: Select Journal Recipient
2.3.4.3 Setting up an SMTP Send connector

The transport of emails that need to be archived is defined with the SMTP send connector. The IP address of the SMTP connector is needed as the destination address. This second IP address of the REDDOXX appliance must be provided. The configuration of the aliases is described in Chapter 3.

1. In the Exchange Management Console, expand Organization Configuration and select Hub Transport.
2. Right-click and select New Send Connector.

Illustration: Create new Send Connector

NOTE
With delivery via SMTP, the queue on the Exchange server does not send NDRs if the REDDOXX MailDepot fails (including maintenance)!
3. Enter the name ReddoxxMaildepot.
4. For usage, choose Custom.
5. Click Next.

Illustration: Introduction
2.3.4.3.1 Address Space

1. Click Add and enter the domain of the email contact you have created.
2. Click OK and Next.

Illustration: Specify Address Space
2.3.4.3.2 Network configuration

1. Select the option "Route mail through the following smart host" and click Add.
2. Enter the IP address of the SMTP connector. This IP address must also be entered as the IP alias on the REDDOXX Appliance.

Illustration: Network settings
2.3.4.3.3 Authentication configuration

1. Select None in the Smart host authentication settings.
2. Click Next and check the configuration. Click New to create the Send Connector and finally Finish.

Illustration: Authentication settings
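
The steps of sections 2.3.4.1 to 2.3.4.3 can also be carried out in the Exchange Management Shell. The script below is an added example, not part of the REDDOXX manual, and it ends with a queue check because no NDRs are sent while the MailDepot is unreachable. The contact name and alias, the domain maildepot.invalid, the address 192.0.2.25 and the database name are constructed placeholders.

```powershell
# Added example (Exchange 2010, Exchange Management Shell); not REDDOXX's own script.
# Every value in this block is a constructed placeholder.
$ArchiveDomain  = 'maildepot.invalid'       # must not exist, but must be syntactically valid
$ArchiveAddress = "journal@$ArchiveDomain"
$SmartHostIp    = '192.0.2.25'              # alias IP of the REDDOXX SMTP connector
$Databases      = @('Mailbox Database 01')  # databases whose mailboxes are to be archived
$ConnectorName  = 'ReddoxxMaildepot'        # connector name used in section 2.3.4.3

# 2.3.4.1: mail contact whose external address lies in the non-existent domain
$contact = Get-MailContact -Identity $ArchiveAddress -ErrorAction SilentlyContinue
if (-not $contact) {
    $contact = New-MailContact -Name 'REDDOXX MailDepot Journal' -Alias 'ReddoxxJournal' `
        -ExternalEmailAddress $ArchiveAddress
}

# 2.3.4.2: set the contact as journal recipient on each database to be archived
foreach ($db in $Databases) {
    Set-MailboxDatabase -Identity $db -JournalRecipient $contact.Identity
}

# 2.3.4.3: custom send connector that routes only the archive domain to the smart host.
# 'None' mirrors the authentication setting chosen in section 2.3.4.3.3.
if (-not (Get-SendConnector -Identity $ConnectorName -ErrorAction SilentlyContinue)) {
    New-SendConnector -Name $ConnectorName -Usage Custom `
        -AddressSpaces "SMTP:$ArchiveDomain;1" `
        -DNSRoutingEnabled $false -SmartHosts $SmartHostIp `
        -SmartHostAuthMechanism None | Out-Null
}

# Verify what was configured
Get-MailboxDatabase | Format-Table Name, JournalRecipient -AutoSize
Get-SendConnector -Identity $ConnectorName |
    Format-List Name, AddressSpaces, SmartHosts, SmartHostAuthMechanism, Enabled

# Journal copies that cannot be delivered stay in the smart host queue without an NDR,
# so list every smart host queue that currently holds messages.
Get-Queue |
    Where-Object { $_.DeliveryType -eq 'SmartHostConnectorDelivery' -and $_.MessageCount -gt 0 } |
    Format-Table Identity, NextHopDomain, Status, MessageCount, LastError -AutoSize
```

An empty result from the last command means no journal copies are waiting for the MailDepot at that moment.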
2.4 MS Exchange Server 2013

2.4.1 Description

To archive internal mails with the REDDOXX MailDepot, the Exchange 2013 journal needs to be configured. This document covers journaling with POP3, which ensures that the envelope header is processed correctly.

2.4.2 Configuration steps

1. Create Journal mailbox
2. Create Journal group and select users
3. Create and configure Journal rule
4. Activate POP3 Service

2.4.3 Configuration of email polling fetched via pop3

2.4.3.1 Create Journal mailbox

1. Log in to the Exchange web interface with your administrator credentials. The web interface is usually https://exchangeip/ecp.
2. Create a new mailbox via recipients > mailboxes > new.

Illustration: Create new mailbox
2.4.3.2 Create Journal group and select users

A journal group is needed because journaling shall cover internal mails for specific users only. Without a journal group, the mails of the new health check features of Exchange 2013 would also be archived in the REDDOXX MailDepot.

1. Create a journal group via recipients > groups > new.

Illustration: Create new journal group

2. In the configuration overview, you can select an organisational unit (users) and select all members that shall be covered by journaling. Do not select the previously created journal user as a member.

Illustration: Add Members
2.4.3.3 Create and configure Journal rule

1. Create a journal rule via compliance management > journal rules > new.

Illustration: create a journal rule

2. The journal rule needs to be applied to the previously created journal group and to internal mails only. Journal reports will be delivered to the journal mailbox.

Illustration: configuration of the journal rule

2.4.3.4 Activate POP3 Service

The services Microsoft Exchange POP3 and Microsoft Exchange POP3 Backend need to be activated in the Exchange 2013 Services snap-in. It is recommended to use Automatic (Delayed start) as the start-up type, because the services sometimes do not start correctly after a reboot when set only to Automatic.
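
The four configuration steps of section 2.4.2, written for the Exchange Management Shell of Exchange 2013 as an added example that is not part of the REDDOXX manual. The mailbox name, group name, addresses under example.com and the organisational unit are constructed placeholders.

```powershell
# Added example (Exchange 2013, Exchange Management Shell); not REDDOXX's own script.
# Every name and address in this block is a constructed placeholder.
$JournalUpn = 'reddoxx.journal@example.com'   # journal mailbox (2.4.3.1)
$GroupName  = 'ReddoxxJournalUsers'           # journal group (2.4.3.2)
$UserOu     = 'example.com/Users'             # organisational unit with the users to archive
$RuleName   = 'REDDOXX internal journal'      # journal rule (2.4.3.3)

# 2.4.3.1: create the journal mailbox; the password is prompted for, not stored here
if (-not (Get-Mailbox -Identity $JournalUpn -ErrorAction SilentlyContinue)) {
    New-Mailbox -Name 'REDDOXX Journal' -UserPrincipalName $JournalUpn `
        -Password (Read-Host 'Journal mailbox password' -AsSecureString) | Out-Null
}
$journal = Get-Mailbox -Identity $JournalUpn

# 2.4.3.2: create the journal group and add the user mailboxes of the OU,
# leaving out the journal mailbox itself and anyone who is already a member
if (-not (Get-DistributionGroup -Identity $GroupName -ErrorAction SilentlyContinue)) {
    New-DistributionGroup -Name $GroupName | Out-Null
}
$group   = Get-DistributionGroup -Identity $GroupName
$members = Get-DistributionGroupMember -Identity $GroupName -ResultSize Unlimited |
    ForEach-Object { $_.Guid }
Get-Mailbox -OrganizationalUnit $UserOu -RecipientTypeDetails UserMailbox -ResultSize Unlimited |
    Where-Object { $_.Guid -ne $journal.Guid -and $members -notcontains $_.Guid } |
    ForEach-Object { Add-DistributionGroupMember -Identity $GroupName -Member $_.Identity }

# 2.4.3.3: journal rule for the group, internal mails only, reports to the journal mailbox
if (-not (Get-JournalRule -Identity $RuleName -ErrorAction SilentlyContinue)) {
    New-JournalRule -Name $RuleName -Recipient $group.PrimarySmtpAddress.ToString() `
        -JournalEmailAddress $journal.PrimarySmtpAddress.ToString() `
        -Scope Internal -Enabled $true | Out-Null
}

# 2.4.3.4: POP3 and POP3 Backend services with Automatic (Delayed start), then start them.
# sc.exe is used because Set-Service in Windows PowerShell has no delayed-start option.
foreach ($svc in 'MSExchangePOP3', 'MSExchangePOP3BE') {
    & sc.exe config $svc start= delayed-auto | Out-Null
    Start-Service -Name $svc
}

# Checks: the journal mailbox must not be a member of the journal group
$leak = Get-DistributionGroupMember -Identity $GroupName -ResultSize Unlimited |
    Where-Object { $_.Guid -eq $journal.Guid }
if ($leak) { Write-Warning "Journal mailbox is a member of $GroupName; remove it." }
Get-JournalRule | Format-Table Name, Recipient, JournalEmailAddress, Scope, Enabled -AutoSize
Get-Service -Name 'MSExchangePOP3', 'MSExchangePOP3BE' | Format-Table Name, Status -AutoSize
```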
3 Configuration of the REDDOXX Appliance

3.1 Configuration of the POP3 connector

The configuration of the POP3 connector is described in the Administration manual in section 5.5.7.2.

3.2 Preparation of the REDDOXX Appliance to receive Emails on the mail depot SMTP-connector

3.2.1 Configuration of an Alias-IP-Address

The configuration of a separate IP address for receiving emails to be archived through the SMTP connector is explained in the REDDOXX Administrators manual in section 6.1.4.

3.2.2 Configuration of the SMTP connector

The configuration of the POP3 connector is described in the Administration manual in section 5.5.7.1.