This article would explain how to implement Exchange 2003 Message Journaling and how to configure Mailspect MPP to archive those messages.
Exchange 2003 Message Journaling
Microsoft Exchange 2003 is providing a native Journaling feature which allows you to archive all incoming and outgoing e-mails for a specific mailbox store. Journaling captures every e-mail that is sent or received by Exchange users in a specific mailbox store. There are 3 types of messages journaling: message-only journaling, bcc journaling and envelope journaling.Â For MPP, we need Envelope Journaling which requires at least Exchange 2003 SP1 and download EXEJCFG.EXE.
Steps to enable Envelope Journaling are described bellow:
1) Create an account for Journaling (i.e. journal).
Start Active Directory Users and Computers (ADUC) and go to your AD domain (example.local) and in Users directory, right click and select New->User
2) Enable Message Archiving.
Start Exchange System Manager (ESM), then right click on the specific Mailbox Store (i.e. mail), click on Properties and check "Archive all messages sent or received by this message store". Then hit Browse and select the Journal account that you created at step 1
Download EXEJCFG.EXE and unpack to a folder of choice, then start command line prompt (Start->Run and write CMD, then hit Enter), cd into the folder containing EXEJCFG.EXE and run: EXEJCFG -e to enable Envelope Journaling.
3) Configure Mailbox Manager to clean Journal account frequently
Start the Exchange System Manager (ESM), go to the Recipient Policies container and create a new Mailbox Manager Settings policy. Create a filter for Journal account in General section (i.e. Alias Is(exactly) Journal), set in Mailbox Manager Settings (Policy) action Delete Immediately and age / size of messages to delete.
4) Create an account on MPP/Postfix Unix server (i.e. mppjournal2k3)
We'll use this account to auto forward messages from Exchange 2003 Journal account and also in MPP archival policy.
5) Enable auto forwarding in Exchange 2003
Start Exchange System Manager (ESM) and navigate to Global Settings. Right click on Default, click on Properties and go to Advanced Section where you should check Allow automatic forward and click Ok.
6) Setup forwarding rule from Exchange Journal account to mppjournal account from remote Unix server
Start Active Directory Users and Computers (ADUC) and create a new Contact in Users (click New Contact). Enter mail address of remove mppjournal account in General->Email and in Exchange Advanced tab choose Hide from Exchange address lists. Open Properties for Exchange Journal account, then go to ExchangeÂ General tab and choose Delivery Options. Choose Forward to and enter mppjournal account name.
Setup MPP/Postfix to archive Journalized mail
For Mailspect MPP we should setup a new policy, using themppjournal recipient as member, using no scanning, and archive enabled.
1) Open web browser and point to MPP GUI (http://host:20001).
2) Navigate to Advanced->Policy engine and create new policy ex2k3_journal: enter ex2k3_journal in Policy text box and hit Add Set Assign Policy based on Recipients, change radion button from Default(none) and enter firstname.lastname@example.org address in the textbox. Click on Save to save policy membership.
3) Navigate to Services->Archival and make sure Policy is set to ex2k3_journal in the top right corner.
In LOCATION OF EMAIL ARCHIVE select archival method of choice, recommended Archive to MySQL database and check to store message content to file path bellow (MySQL DB/tables and privileges for mpp_archive DB should be created before)
In ARCHIVE MESSAGE SETTINGS choose Yes for Archive MS Exchange Journaled Email. Set Action to Discard and Save.
4) Navigate to Advanced -> Scanners and for Scanners to use choose Select scanners in order of usage .. and make sure no scanner is selected (only 1-st combo should exist with empty scanner).
5) Save and restart.
Sample XML code for group is:
<members_addresslist type="recipient">email@example.com</members_addresslist> <scanner> <scan_engines></scan_engines> </scanner> <archive>mysql://USER:PASS@HOST:mpp_archive#/var/MPP/archive/%RAND256%/%RAND256%/</archive> <archive_with_envelope>no</archive_with_envelope> <on_archive_success>discard</on_archive_success> <strip_body_enabled>no</strip_body_enabled>