Journaling - Configuring Lotus Domino

Updated

While Lotus Domino can function with Mimecast, it is important that customers consider that customer support teams cannot support it.  These instructions are provided as a guide only for customers.

This article contains information on enabling and configuring journaling in Lotus Domino and Mimecast, including steps for creating journal connectors, configuring journaling rules, and setting up DNS authentication for secure email management.

When the Journaling feature is enabled in Lotus Domino, messages are inspected to see if they match the rules configured on each Lotus Domino Server. If a message matches one of the rules, a copy is created and forwarded to the mail-in database, which can be stored locally or on a remote server.

To minimize the overall load on the network, each server can be configured to journal a specific group/user set or specific messages. The task must be configured to enable Journaling and a Rule is created to activate the task. Mimecast fully supports this configuration for journal and directory services.

Enabling Journaling in Lotus Domino

If your Mimecast subscription includes the Journaling feature, and your service was provisioned after the 26th of March 2015, you will find a Journal Connector already created, including an internal journal domain and journal address. The Journal Domain is automatically created as journal.domain.com, where domain.com is the domain your organization provided as your primary mail domain. The Journal Contact is automatically created as journal@journal.domain.com. Use this address as the mail attribute for the external contact to send journal messages. If your Mimecast service was provisioned before this date, or you want to add an additional journal connector, you must manually add a journal domain, address, and connector.

To create a Journal Connector in Lotus Domino:

  1. Open the Lotus Domino Administrator.
  2. Select the Configuration tab.
  3. In the left-hand panel, expand the Messaging group.
  4. Click on Messaging Settings.
  5. Select the Advanced... tab.

Configuring Lotus Domino Journaling

  1. On the Journaling tab, edit the fields below:
Field / Option Value
Journaling Enabled
Method Send to mail-in database
Mail Destination Type an external email address, e.g., journaling@journal.domain.com

 

This should match the journaling address under Directories | Internal Directories in the Mimecast Administration Console.
Journal Recipients Enabled
  1. Click Save & Close.

Configuring Journaling Rules in Lotus Domino

Configuring Lotus Domino Journaling

To configure Journaling Rules in Lotus Domino:

  1. Open the Lotus Domino Administrator.
  2. Select the Configuration tab.
  3. In the left-hand panel, expand the Messaging group.
  4. Select Configurations. The Server Mail Rule - New Rule popup box displays:
  5. Click the Add Action button.
  6. Click OK to close the dialog box.
  7. Click the Save & Close button.

For a full configuration and resource guide, visit the Domino Journaling page on IBM's site.

Configuring a Journal Definition in Mimecast

Once the server has been configured, provide Mimecast Support with the external SMTP recipient address for journaling. The Support team will add this domain to your account to ensure emails are accepted. After this, you'll need to create a Journal definition in Mimecast as below.

To configure a Journal definition:

  1. Log on to the Administration Console.
  2. Navigate to Services | Journaling menu item.
  3. Click on the New Journal Service Definition button.
  4. Enter a relevant name for the definition in the Journal Service Properties | Description field:

Configuring Lotus Domino Journaling_1

  1. Select SMTP from the Transport Type drop-down menu.
  2. Under Connection Properties, enter a Service Email Address. This was created when the account was built using the following format:  journaling@journal.domain.com (where domain.com is the primary SMTP domain).
  3. In the Additional Source IP Ranges field, enter the IP addresses from which Mimecast will receive Journaled messages. These are typically the external IPs of the Transport Service in the environment.

Authorized Outbound IP addresses are automatically allowed; this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges. IP addresses should be entered into this field with a CIDR mask to add ranges in a single line. The proper syntax for a single address is /32.

 

Configuring Lotus Domino Journaling_2

  1. From the Journal Type drop-down menu, select Standard EML Format.
  2. Mimecast supports the Journaling of emails (EML) in standard MIME format (without the EEJ wrapper), and emails journaled in EEJ format. Standard emails (EML) files can only be assigned to mailboxes based on the message headers. Other optional configurations on the page are:
Field / Option Description
Disabled

 

Changes made to this checkbox are recorded in the event log

 Allows journal services to be taken offline without removing the Journal Service Definition. Using the disabled option will result in the journal service being suspended, and any error conditions related to the connection will be reset. This is useful if a journal mailbox is going to be offline for an extended period of time. When the journal mailbox is once again available, enable activity before removing the check.
Use SMTP Authentication It can be enabled for enhanced security features. Once checked, this produces an additional field where a password should be entered. This password and the journal email address will be used as the SMTP-AUTH credentials.

 

An SMTP Send Connector is required on the Exchange server for SMTP Journaling to use the authentication option.
Initial Process Delay Advanced configuration options should be left as the default values (default = 0) unless working on a Journaling issue with Mimecast Support. Determines the time to wait before matching a message to the archive.
Delivery Wait Attempts Advanced configuration options should be left as the default values (default = 3) unless working on a Journaling issue with Mimecast Support. Determines the number of tries the system attempts to match a message before it is archived.
Period of Inactivity Allowed Defines how long the SMTP connector can be inactive without receiving any messages before it is reported as being "down" (default = 180 minutes). Consider the setting carefully according to your Exchange Server environment. For example, if you operate in an environment with low email volumes, the connector will likely handle a small Exchange database. Therefore, you can set this value to a much higher than the default to cater for quiet periods (e.g., overnight) and/or smaller email databases.
Encrypted This checkbox is selected by default, but it is not required. If checked, Mimecast will only accept Journal messages over TLS. Journal messages not sent over TLS will be rejected.
Prefer Clear Text Version Enable this option for Active Directory Rights Management Services protected journal items.
Extended de-duplication Only enable this option if Internal messages are journaled via remote/local infrastructure and delivered via the Mimecast Gateway. When enabled, Mimecast will wait 10 minutes for the Gateway item after receiving the Internal message via the Journal Connector for de-duplication purposes. This is not required during a continuity event.
Remove Journal Headers Enable this option to instruct Mimecast to remove potentially sensitive Journal Headers Microsoft Exchange might have added. Headers that will be removed are:
  • X-MS-Exchange-Organization-BCC:
  • X-MS-Exchange-CrossPremises-BCC:
All other headers will be respected.
Journal Non-Internal Addresses When enabled, items processed by the Journal Connector that do not hold any internal addresses will be archived.
Journal Unknown Internal Addresses When enabled, items processed by the Journal Connector that are sent from or sent to unknown internal addresses will be archived.
  1. Once completed, click the Save and Exit button.

Configuring a Journal Sub Domain in Mimecast

Configuring Lotus Domino Journaling_3

Now that the journal.domain.com email address is set, you must add the journal subdomain to Mimecast. To accomplish this:

  1. Log on to the Administration Console.
  2. Navigate to Directories | Internal Directories menu item.
  3. Click on the Register New Domain button. This displays a 3 stage wizard process.
  4. Review the information, then type the name of the new domain in the Domain Name field:
  5. Click the Get Verification Code button to continue.
  6. The Domain Verified page displays. Step 2 (Add DNS Record) is skipped because your parent domain already exists. Click the Finish button to close the wizard.

Configuring Lotus Domino Journaling_4

If you need to edit the subdomain, see the Email Domains section for more information.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.