View
12
Download
0
Category
Preview:
Citation preview
Connect With Confidence
Astaro GmbH & Co. KG – a Sophos company • Amalienbadstr. 41 / Bau 52 • 76227 Karlsruhe T: +49 721 255 16 0 • F: +49 721 255 16 200 • www.astaro.com
Astaro Mail Archiving – Getting Started Guide
GSG v1.3
About this Getting Started Guide
The Astaro Mail Archiving Service is an archiving platform in the form of a fully
hosted service. E-mails are transferred to the archive directly via your local e-mail
server, and your local network does not require any extra software or hardware
components.
This getting started guide contains the basic configuration steps for
connecting Microsoft Exchange servers, although they may also be
followed for SMTP, POP3, or IMAP mail servers.
Further information and guidance can be found on the Astaro forum at
http://www.astaro.org/
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
2
Contents
Initial Configuration ............................................................ 3
Connecting E-mail Servers .................................................. 4
MS Exchange Server 2003 .......................................................................... 4
a) Journaling Mailbox with SMTP Forwarding ........................................... 4
b) Journaling Mailbox with POP3/IMAP Access ......................................... 5
c) Mail-enabled Contact ........................................................................ 5
MS Exchange Server 2007/2010 ................................................................. 6
a) Forwarding with SMTP (preferred) ..................................................... 6
b) Journaling Mailbox with POP3/IMAP Access ......................................... 7
Journaling for Mailbox Database (Standard Journaling) ............................. 7
Journaling for Recipients (Premium Journaling) ....................................... 7
Other Mail Servers ..................................................................................... 7
a) Forwarding with SMTP ...................................................................... 7
b) Mailbox with POP3/IMAP access ......................................................... 8
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
3
Initial Configuration
A web-based interface, the Astaro Archive Manager, has been created to help you install the Astaro mail archive
and can be found at:
https://<client name>.eu.archive.astaro.net/ArchiveManager
Log in here with the username and password you obtained with the registration e-mail.
When carrying out the initial configuration you need to agree to the terms and conditions of the license.
Once you have successfully logged in, click on Configuration and Message Source to access the route
configuration menu for archiving e-mails.
Configuring the message source
You can transfer the e-mails you wish to the archive using the SMTP protocol or poll a suitable journaling
mailbox using the POP3 or IMAP protocol. Both methods are in use in the example shown above. In practice,
however, you should only choose one of the two methods. The following sections contain more information on
this topic.
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
4
Connecting E-mail Servers
There are two ways of connecting a Microsoft Exchange server to the archiving service: envelope journaling or
standard journaling. Envelope journaling uses information contained in the envelope of an e-mail, whereas
standard journaling simply uses the e-mail’s From, To, and CC fields to assign e-mails to users. Using envelope
journaling has the following advantages:
Using envelope journaling has the following advantages:
• Information about the actual sender and recipient of an e-mail is provided.
• BCC recipients are included.
• Internal distribution lists are expanded and individual recipients are automatically saved in the archive.
• Recipients included in external mailing lists are also recognized (for incoming e-mails).
Envelope journaling can be explicitly activated in MS Exchange Server 2003 and is the standard method of
journaling using MS Exchange Server 2007.
Please note: If there is an Astaro Security Gateway in front of the Exchange server whose SMTP proxy works
in transparent mode, you need to add the customer hostname to the transparent mode skiplist.
MS Exchange Server 2003
This section contains the most important configuration steps for the journaling function in Exchange Server
2003. More information can be obtained directly from Microsoft: Journaling with Exchange Server
Journaling can be activated for each mailbox store (except for public folders). All incoming and outgoing e-mails
are then sent from the Exchange server to an additional recipient. Depending on the configuration, this can be
either a special journaling mailbox or a mail-enabled contact.
The following table provides an overview of the possible configurations:
Exchange 2003
Standard Edition Exchange 2003
Enterprise Edition
Journaling mailbox with SMTP forwarding
�/� �/�
Journaling mailbox with POP3/IMAP access
�/� �/�
Mail-enabled contact �/� �/�
�/�: Standard journaling / envelope journaling available
a) Journaling Mailbox with SMTP Forwarding
1. Set up a new mailbox store for the journaling mailbox (more information). Journaling must not be
activated for this mailbox, otherwise mail loops will occur. The store needs to be mounted before you
can use it.
2. In the Active Directory, create a new user with a mailbox in the mailbox store that has just been
created. The mailbox will be used later as a journaling mailbox.
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
5
3. Create a new SMTP connector (more information):
• Smart Host: <client name>.eu.archive.astaro.net
• Address space: <client name>.eu.archive.astaro.net (SMTP)
• Outbound security:
o Basic authentication
o Username: <client name>
o Password: Choose a secure password. This must be the same as the SMTP password
in Astaro ArchiveManager.
o TLS encryption: activated
4. On a client computer, configure an Outlook profile with the journaling mailbox (Control Panel � Mail �
Show Profiles). The profile is only needed temporarily for the configuration process.
Now create a new rule for the mailbox (more information):
• No conditions (use rule for all mail)
• Forward to <client name>@<client name>.eu.archive.astaro.net
(Note: Do not forward the e-mail as an attachment.)
• Move to: Deleted Items
5. Create recipient guidelines to tidy up the deleted objects in the journaling mailbox (more information).
6. Ensure that the option Allow Automatic Forwarding is enabled in menu Global Settings � Internet
Message Formats � Advanced.
7. Activate journaling for the desired mailbox store and select the journaling mailbox as the recipient
(more information).
b) Journaling Mailbox with POP3/IMAP Access
1. In the Active Directory, create a new user with a mailbox. The mailbox will be used later as a
journaling mailbox. In case you have had Journaling configured with SMTP, you need to disable the
forwarding rule in Outlook.
2. Ensure that the relevant service is activated and can be accessed externally. We recommend using
SSL.
3. Activate journaling for the desired mailbox store and select the journaling mailbox as the recipient
(more information).
c) Mail-enabled Contact
1. Create a mail-enabled contact with the e-mail address
<clientnname>@<clientname>.eu.archive.astaro.net (more information).
2. Create a new SMTP connector (more information):
• Smart Host: <client name>.eu.archive.astaro.net
• Address space: <client name>.eu.archive.astaro.net (SMTP)
• Outbound security:
o Basic authentication
o Username: <client name>
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
6
o Password: Choose a secure password. This must be the same as the SMTP password
in ArchiveManager.
o TLS encryption: Activated
3. Activate journaling for the desired mailbox store and select the mail-enabled contact as the recipient
(more information).
MS Exchange Server 2007/2010
This section contains the most important configuration steps for the journaling function in Exchange Server
2007. Since the configuration is quite similar, the instructions can also be followed for configuring Exchange
Server 2010. More information can be obtained directly from Microsoft:
Transport Policy and Compliance Agents,
Managing Journal Rules,
White Paper: Exchange 2007 Transport Journaling
Additionally, for Exchange Server 2010, you can find a detailed description with screenshots at the Astaro
Knowledgebase.
Journaling can be activated for each mailbox database (standard journaling) or for each recipient (premium
journaling). However, the latter requires an Exchange Enterprise Client Access License (CAL). Standard
journaling should not be confused with standard journaling in Exchange Server 2003. Exchange Server 2007
and 2010 always uses envelope information.
E-mails can be forwarded directly to the Astaro Mail Store using SMTP or be polled via a journaling mailbox
using POP3/IMAP.
a) Forwarding with SMTP (preferred)
1. Create a new mail contact (more information):
• Name: e.g. SMTP journal recipient
• Alias: e.g. journal-smtp
• External e-mail address: <client name>@<client name>.eu.archive.astaro.net
2. Configure the message delivery restrictions for the mail contact (more information):
• Accept messages from: Microsoft Exchange
• Require that all senders are authenticated: Activated
3. Create a new send connector (more information):
• Intended use: Custom
• Address space: <client name>.eu.archive.astaro.net
• Smart Host: <client name>.eu.archive.astaro.net
• Authentication:
o Basic Authentication over TLS: Activated
o User name: <client name>
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
7
o Password: Choose a secure password. You will need this password again later when
you configure the Astaro Mail Store.
b) Journaling Mailbox with POP3/IMAP Access
1. Set up a new journaling mailbox (more information).
• Mailbox type: User mailbox
• Create mailbox for: New user
• Name: e.g. journaling mailbox
• User log-on name: e.g. journal
• Password: Choose a secure password. You will need this password again later when you
configure the Astaro Mail Store.
2. Configure the message delivery restrictions for the journaling mailbox (more information):
• Accept messages from: Microsoft Exchange
• Require that all senders are authenticated: Activated
3. Ensure that the relevant service is activated and can be accessed externally. We recommend using
SSL.
Journaling for Mailbox Database (Standard Journaling)
Activate journaling for the desired mailbox database (more information). Enter the newly created mail contact
or the newly created journaling mailbox as the recipient.
Journaling for Recipients (Premium Journaling)
Create one or more journal rules (more information). Enter the newly created mail contact or the newly created
journaling mailbox as the recipient.
Other Mail Servers
The Astaro mail archiving service can also be connected to other mail servers. However, in this case, only
standard journaling is available. Envelope journaling is a specific feature available only in connection with MS
Exchange servers. Two set-up scenarios are described below. For further information, please consult your mail
server documentation.
a) Forwarding with SMTP
To do this, a BCC copy of every e-mail must be sent to <client name>@<client name>.eu.archive.astaro.net.
The domain <client name>.eu.archive.astaro.net must have its own mail transport, configured with the
following characteristics:
• Smarthost: <client name>.eu.archive.astaro.net
Astaro Mail Archiving GSG v1.3
© 2011 Astaro GmbH & Co. KG – a Sophos company. Subject to change without notice.
8
• Authentication with <client name> as the username and the SMTP password from ArchiveManager as
the password.
• TLS encryption
b) Mailbox with POP3/IMAP access
Create a mailbox to which copies of every e-mail are stored. The mailbox can then be called up from the Astaro
mail archiving service.
Recommended