SaaS Email Archiving for Microsoft Exchange Server 2013 · Setting up Exchange Server 2013 Configure and enable the journal mailbox that you use to archive email. Tasks • Add a

Setup GuideRevision A

McAfee SaaS Email Archiving ServiceConfiguring Microsoft Exchange Server 2013

About Email Archiving for MicrosoftExchange Server

The McAfee SaaS Email Archiving service stores email messages from a journal mailbox on yourMicrosoft Exchange Server and associates those messages with user accounts. Users can then log onto the Control Console and view their archived messages. Additionally, Email Archiving allows you tostore all of your previously sent and received messages using a historical mailbox.

The role of envelope journaling in archiving messagesEmail Archiving requires that you enable the envelope journaling feature of your Microsoft ExchangeServer.

The journaling feature of Exchange Server creates a copy — or journal — of all the email messagesthat the server sends or receives. Using envelope journaling ensures that the BCC and distribution listrecipients are captured and archived in addition to the primary sender and recipient.

After journaling is enabled, the Exchange Server sends copies of all email to a dedicated mailboxcalled the journal recipient mailbox. From here, the Email Archiving service can retrieve your emailand archive it.

Email Archiving stores messages for a user even after that user has been removed from the ActiveDirectory and the Exchange Server.

Associating messages with users in Email ArchivingEmail Archiving automatically associates newly archived email messages with user accounts in theControl Console. This process ensures that individual users are able to view their archived messages inthe Email Archiving tab of the Control Console.

1

Archiving historical messagesYou can archive historical messages in addition to your active mail, however the process for historicalmessages does not use journaling.

Historical messages include all of the messages that were on your mail server before setting up EmailArchiving. In order to archive these messages, you can:

• Pay for the Managed Import Service — ask your sales representative for details.

• Upload historical messages by setting up a designated historical mail source in the Control Console— at no extra charge.

If you choose to upload historical messages, complete these activities:

• Create a user mailbox on the Exchange Server and place your historical messages into the inbox.

• Set up a Historical Mail Source in the Control Console and connect it to your historical mailbox.

• Enable the Historical Mail Source. Messages that are placed into the inbox of your historical mailboxare then automatically imported into Email Archiving. After they are archived, your messages aredeleted from the historical mailbox. Messages in subfolders are not imported.

For more information, see the McAfee SaaS Email Archiving Administrator Guide or the ControlConsole Help.

Do not turn on journaling for your historical mailbox.

Preparing for setupComplete the following tasks before configuring the journaling mailbox in Exchange Server.

• Add your users in the Account Management tab of the Control Console — Adding your users before youconfigure Email Archiving ensures that your users have access to their archived mail. Otherwise,access is restricted to the Customer Administrator.

• Verify that the Email Archiving service IP address space can communicate with your network —check with your Firewall/Intrusion Prevention System vendor if you have questions.

• Set the maximum message size in Exchange Server to 50 MB —Email Archiving supports messagesup to 50 MB.

• Select a journaling type.

• Standard — Standard journaling is easier to implement and allows you to quickly enablejournaling for all the users on a storage database. If you want to archive all of your users,McAfee recommends setting up standard journaling on each of your storage databases.

• Premium — Premium journaling is more complex to implement, but it allows you to set uprules-based journaling. For example, you can enable journaling for specific users on a database.Premium journaling also requires that you purchase an Exchange Server Enterprise client accesslicense (CAL). Finally, you should configure journaling agents on the appropriate Hub Transportservers.

IMAP is the recommended protocol for all setup activities in Email Archiving.

2

Setting up Exchange Server 2013Configure and enable the journal mailbox that you use to archive email.

Tasks• Add a journal mailbox on page 3

Create a journal mailbox on your server.

• Configure the journal mailbox on page 6Edit the default configuration of the new mailbox.

• Set up journaling on page 15Configure the system to use your journal mailbox for journaling purposes.

• Configure additional server options on page 18Complete additional security and journaling configuration options.

Add a journal mailboxCreate a journal mailbox on your server.

Tasks• Access the administrative center on page 3

Go to the admin center and logon with your credentials.

• Add a recipient mailbox on page 5Create a mailbox and designate it as the journal mailbox.

Access the administrative centerGo to the admin center and logon with your credentials.

Task1 Navigate to the administrative center.

You can open the site directly from the server or from a browser on the network.

• Select Start | All Programs | Microsoft Exchange Server 2013 | Exchange Administrative Center.

• Open your browser and navigate to the server. For example, https://exchange-2013.example.com.

The Exchange Administrative Center page appears.

2 Log on to the site.

3

a Enter your domain and user name.

Use the format: exampledomain\examplename

b Enter your password.

3 Click sign in.

The Exchange Administrative Center page opens to the list of mailboxes.

4

Add a recipient mailboxCreate a mailbox and designate it as the journal mailbox.

Task1 On the left, click recipients. Across the top, click mailboxes.

This page is the default view when you first log on.

2 Click the + icon to add a mailbox, select User mailbox.

The new user mailbox window appears.

5

3 Complete the required fields for the new user mailbox.

Field Action

Alias Enter the alias. For example, journalmailbox.The alias is the part of the email address to the left of the @ sign. It must beunique.

New user Select New user.

Display name Enter the display name. Use the same name as the alias.

Name Enter the name. Use the same name as the alias.

User logon name Enter the user logon name. Use the same name as the alias.

New password Enter the password for the user logon.

Confirm password Enter the password again to confirm.

4 Click save.

The new mailbox appears in the list.

Configure the journal mailboxEdit the default configuration of the new mailbox.

6

Tasks• Hide the journal mailbox on page 7

Modify the journal mailbox so that it does not appear in your address lists.

• Set the maximum message size on page 8Configure the maximum message size to 50 MB.

• Restrict mail flow to the journal mailbox on page 10Prevent incoming mail from being sent directly to the mailbox by updating the messagedelivery restrictions.

• Remove storage limits that apply to the journal mailbox on page 13Modify the settings that limit the size of the mailbox and the retention period to ensure thatall messages are archived.

Hide the journal mailboxModify the journal mailbox so that it does not appear in your address lists.

Hiding the address helps prevent unwanted email from going directly to the mailbox.

Task1 Edit the journal mailbox.

a Log on to the Exchange Administrative Center.

b On the left, click recipients, across the top, click mailboxes.

c Select the display name for your journal mailbox and click the edit icon.

The user mailbox window appears.

7

2 Select the Hide from address lists checkbox.

3 Click save.

The edit window closes and the mailbox list refreshes.

Set the maximum message sizeConfigure the maximum message size to 50 MB.






8

2 On the left, click mailbox features.

3 Scroll down to Mail Flow and under Message Size Restrictions, click View details.

The message size restrictions window appears.

4 Set restrictions.

9

a Under Received messages, select Maximum message size (KB):.

b Enter 50000.

c Click ok.

The window closes.

5 Click save.


Restrict mail flow to the journal mailboxPrevent incoming mail from being sent directly to the mailbox by updating the message deliveryrestrictions.






10

2 On the left, click mailbox features.

3 Scroll down to Mail Flow and under Message Delivery Restrictions, click View details.

The message delivery restrictions window appears.

11

4 Under Accept messages from:, select Only senders in the following list.

5 Click + to add select an email address.

The Select Members window opens.

12

6 Select the display name for the journal mailbox, click ok.

The window closes.

7 Click ok again.

The window closes.

8 Click save.


Remove storage limits that apply to the journal mailboxModify the settings that limit the size of the mailbox and the retention period to ensure that allmessages are archived.






13

2 On the left, click mailbox usage.

3 Click the more options... link.

Options for quota settings and retention settings appear.

4 Select Customize the quota settings for this mailbox.

The remaining drop-downs are active.

5 Select unlimited for each value.

• *Issue a warning at (GB)

• *Prohibit send at (GB)

• *Prohibit send and receive at (GB)

6 Select Customize the retention settings for this mailbox.

7 Enter a large value in the field for *Keep deleted items for (days).

Give the system enough time for messages to be archived before they are discarded.

For example, a value of 365 would give the system up to a year to complete archiving.

8 Click save.


14

Set up journalingConfigure the system to use your journal mailbox for journaling purposes.

Complete one of the following tasks depending on the type of journaling you want to use.

• Standard journaling — enable journaling on the server.

• Premium journaling — configure a global journal rule.

Tasks• Enable journaling on the server on page 15

Configure the mailbox database and select your journal maibox.

• Configure a global journal rule on page 16Create a rule to journal all messages on the server.

Enable journaling on the serverConfigure the mailbox database and select your journal maibox.

Task1 Log on to the Exchange Administrative Center.

2 On the left, click servers. Across the top, click databases.

3 Select the mailbox database and click the edit icon.

The Mailbox database window appears.

15

4 On the left, click maintenance.

5 Click browse... to select a journal recipient.

6 Select the name of journal mailbox and click ok.

7 Click save.

Configure a global journal ruleCreate a rule to journal all messages on the server.

Before you beginTo use premium journaling, you must have an Enterprise Client Access License (CAL).


2 On the left, click compliance management.

The page refreshes.

16

3 Across the top, click journal rules.

4 Click the + icon to add a journal rule.

The Journal Rule window appears.

5 Select options for the rule.

17

• *Send journal reports to: — Enter the email address for your journal mailbox. For example,[email protected]

• Name: — Give the rule a name. For example, Global Journaling Rule.

• *If the message is sent to or received from... — Select [Apply to all messages].

• *Journal the following messages... — Select All messages.

6 Click save.

The new rule appears in the list.

Configure additional server optionsComplete additional security and journaling configuration options.

Tasks• Verify that TLS is selected for IMAP on page 18

Ensure that you are using a secure TLS connection for IMAP4.

• Block the journaling of health-monitoring emails on page 19Select a work-around to prevent the server from journaling health monitoring probes.

Verify that TLS is selected for IMAPEnsure that you are using a secure TLS connection for IMAP4.


2 On the left, select servers.

The server list appears.

3 Select your server name and click the edit icon.

The Exchange Server window appears.

4 On the left, select IMAP4.

The IMAP4 configuration appears.

5 Review your configuration.

18

• Verify that the Logon method value is Secure TLS connection.

• Verify that the Banner string value is The Microsoft Exchange IMAP4 service is ready.

6 Click save.

Block the journaling of health-monitoring emailsSelect a work-around to prevent the server from journaling health monitoring probes.

The most effective work-around is to use a global override. This process disables the probes theemails.

For more information, read the Microsoft KB article, Managed Availability messages are journaled inExchange Server 2013. http://support.microsoft.com/kb/2823959

Task1 Run Start | Exchange Management Shell | Run as Administrator.

The Exchange Management Shell opens.

2 Enter the following commands:

Add-GlobalMonitoringOverride -Identity "FrontendTransport\OnPremisesSmtpClientSubmission" -PropertyName Enabled -PropertyValue 0 -ApplyVersion "15.0.620.29" -ItemType Probe

Add-GlobalMonitoringOverride -Identity "MailboxTransport\Mapi.Submit.Probe" -PropertyName Enabled -PropertyValue 0 -ApplyVersion "15.0.620.29" -ItemType Probe

Add-GlobalMonitoringOverride -Identity "FrontendTransport\OnPremisesInboundProxy" -PropertyName Enabled -PropertyValue 0 -ApplyVersion "15.0.620.29" -ItemType Probe

19

http://support.microsoft.com/kb/2823959

3 Restart the following services:

• Microsoft Exchange Diagnostics

• Microsoft Exchange Health Manager

Copyright © 2014 McAfee, Inc. Do not copy without permission.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States andother countries. Other names and brands may be claimed as the property of others.

20 A00

Documents

SaaS Email Archiving for Microsoft Exchange Server 2013 · Setting up Exchange Server 2013 Configure and enable the journal mailbox that you use to archive email. Tasks • Add a