Journaling - Configuration

Updated

This guide provides a guideline for configuring the Connect Application for Microsoft O365 journaling. This applies to new clients connecting with Mimecast using the Connect Application. If you are not using the Connect Application, click here for customers using Mimecast to archive their messages.

Overview

We automatically archive all inbound and outbound emails. Additionally, you can also configure Mimecast to archive internal emails between users using a process called Journaling.

When using the Connect Application to set up your Journaling on a Microsoft 365 infrastructure, you must manually configure it to work with Mimecast. The Connect Application creates a default journal connector on your Mimecast account, including the following internal journal domain and journal address:

      • Journal Domain: journal.domain.com (where domain.com is the domain your organization provided as your primary mail domain)
      • Journal Address: journaling@journal.domain.com. This address must be the mail attribute for the external contact you create in your Exchange to deliver journal messages.

You must manually add any additional journal connectors, ensuring you use the above journal domain and address.

Your Microsoft 365 tenant domain must be added to the list of internal domains available in the Mimecast Administration Console. See the Configuring Internal Domain / Subdomains page for full details.

Read the Exchange Online Service Description | Microsoft 365 Service Descriptions page on the Microsoft site for information on Microsoft 365 plans that support Journaling. The page describes the Exchange Online Protection (EOP) security feature set most commonly provided with Microsoft 365. This has replaced legacy FOPE services. At this time, Microsoft does not support self-email journaling (journaling from yourself to yourself).

To enable you to set up Microsoft 365 Journaling to work with Mimecast, you must create:

      • External contact in Microsoft 365
      • Microsoft 365 send connector
      • Microsoft 365 journal rule

Creating an External Contact in Microsoft 365

This guide describes the correct navigation through the Classic Exchange Admin Center (Classic EAC). Administrators can choose to use either the Classic EAC or the new Exchange Admin Center (new EAC); however, features and routing will differ from that described in this guide when using the new EAC. For more information, please see the relevant Microsoft documentation here.

You'll need to create an external contact in Microsoft 365 using journaling@journal.domain.com (where domain.com is your primary domain). To create an external contact in Microsoft 365:

  1. Log in to the Microsoft 365 Admin Center.
  2. Click on the menu icon to open the App Launcher.
  3. Click on the Admin App.
  4. Select Show All... from the left-hand menu, listing all available Admin centers.
  5. Click on the Exchange menu item to open the Exchange Admin Center.
  6. Click on the Recipients menu item.
  7. Click on the Contacts sub-menu item.
  8. Click on the + icon.
  9. Click on the Mail Contact menu item.
  10. Complete the New Mail Contact dialog as follows:
Field / Option Description
First Name Enter the first name of the external contact (e.g., SMTP).
Initials This field can be left blank.
Last Name Enter the last name of the external contact (e.g., Journaling).
Display Name Enter the values of the "First Name" and "Last Name" fields (e.g., SMTP Journaling).
Alias Enter an alias for the external contact (e.g., Journaling).
External Email Address Enter the journaling address created by the Connect Application (e.g., journaling@journal.domain.com).
  1. Click the Save button.

Creating the Microsoft 365 Send Connector

To create a Microsoft 365 send connector:

  1. Ensure the Exchange Admin Center is open (see steps 1-5 in the Creating an External Contact in Microsoft 365 section above).
  2. Click the Mail Flow menu item.
  3. Click the Connectors sub-menu item.
  4. Click on the + icon.
  5. Complete the Select Your Mail Flow Scenario dialog as follows:
Field / Option Description
From Select the Office 365 option from the drop-down list.
To Select the Partner Organization option from the drop-down list.
  1. Click the Next button.
  2. Complete the New Connector dialog as follows:
Field / Option Description
Name Provide a name for the Connector (e.g., Microsoft 365 to Mimecast).
Description Optionally, provide a description for the Connector. While this is not compulsory, it is good practice to do so.
Turn It On If this option is checked, the connector is enabled and active.
  1. Click the Next button.
  2. Select the Only When Email Messages are Sent to These Domains option.
  3. Click the + icon to add the recipient domains that should use this connector.
  4. In the Add Domain dialog, specify your journal email domain (e.g., journal.domain.com).
  5. Click on the OK button to return to the New Connector dialog.
  6. Select the Route Email Through These Smart Hosts option.
  7. Click the + icon to add the smart hosts using this connector.
  8. Enter the Primary and Secondary Smart Hosts.

The hostnames for your region are listed in the application.

  1. Click on the Save button to return to the New Connector dialog.
  2. Click on the Next button.
  3. Select the following options:
      • Always use Transport Layer Security (TLS) to secure the connection.
      • Issued by a trusted certificate authority (CA).
  1.   Click the Next button. The connector's details are displayed.
  2. Click the + Icon.
  3. Enter the Journal Email Address created in the journaling profile of your Mimecast account.
  4. Click the Validate button. Disregard any errors in the validation.
  5. Click the Save button.

Creating the Microsoft 365 Journal Rule

To create the Microsoft 365 journal rule:

  1. Log in to the Microsoft Purview Compliance Portal.
  2. Under the Solutions section of the left-hand menu, click on Data Lifecycle Management.
  3. Select Exchange (Legacy).
  4. Click the Journal Rules sub-menu item.
  5. Click New Rule.
  6. Complete the New Journal Rule dialog as follows:
Field / Option Description
Send journal reports to Enter the email address of your journal contact. This address will receive the journal reports.
Journal rule name Enter a name for the journal rule.
Journal messages sent or received from Select the Apply to all Messages option from the drop-down.
Type of message to journal Select the All Messages option from the drop-down.
  1. Click on the Next button to review your settings.
  2. Click Submit.

When prompted, enter an email address to which undeliverable journal reports are sent. The specified email address must meet the following requirements:

      • Microsoft recommends you specify a dedicated email address because the email address used will not have its mail journaled.
      • The email address must be in your domain because it is the From address when O365 journals the messages to Mimecast.

Related to

Was this article helpful?
1 out of 3 found this helpful

Comments

0 comments

Please sign in to leave a comment.