This article describes the process of creating a journal definition. This is the first step in configuring journaling to work with the Mimecast gateway and is required if your subscription has journaling enabled. See the Journaling page for further details of the steps involved.
Journal messages older than 30 days will not be processed and archived. If you require older messages to be part of your archive, contact your customer success manager for ingestion.
Walkthrough
To create a journal definition:
- Log in to the Mimecast Administration Console.
- Select the Archive | Journaling menu item.
- Click on the New Journal Service Definition button:
- Complete the Journal Service Properties section as follows:
| Field / Option | Description |
|---|---|
| Description | Specify a name for the journaling definition (e.g., Exchange Journal Connector). |
| Transport Type | Select the method to be used to retrieve journaled email. To pull email select "POP3" To push email, select "SMTP". The option selected affects the options available in the Connection Properties (see below). |
| Disabled | Leave unselected. If selected, the journal service becomes suspended, and any error conditions related to the connection are reset. This is useful if a journal mailbox is going to be offline for an extended period of time. When the journal mailbox becomes available again, be sure to enable activity before unselecting this option. Changes to this option are recorded in the event log. |
- Complete the Connection Properties section as follows:
| Field / Option | Description |
| Service Email Address | Specify the email address of your journaling mailbox using the following format: journaling@journal.domain.com (where domain.com is the primary SMTP domain). You'll be using this throughout the rest of the journaling configuration process. |
| Mailbox Name | Specify a journal mailbox name. This is the username we use when logging in to the journal mailbox. |
| Password | Specify a journal mailbox password. |
| Hostname / IP Address | Specify the hostname or public IP address where the journal mailbox is housed. This is typically the external IP addresses of the transport service in your environment:
Your firewall must be configured to allow inbound POP3/POP3S traffic from us to this address. |
| Port | Specify the TCP/IP port to be used for the communication. For POP3 this is 110. For POP3S this is 995. |
| Additional Source IP Ranges (n.n.n.n/x) | Specify the IP Addresses from which we will receive journaled messages. These are typically the external IPs of the transport service in the environment. Authorized Outbound IP addresses are automatically allowed therefore, this field can be left blank. This also applies to hosted environments sharing IP addresses or ranges.
Enter IP addresses with a CIDR mask, so ranges can be added in a single line. The proper syntax for a single address is /32. |
| Use SMTP Authentication | If selected, enhanced security features are enabled. Once selected, an additional field is displayed where a password must be entered. This password, along with the journal email address, will be used as the SMTP- AUTH credentials.
To make use of the authentication option, an SMTP Send Connector is required on the Exchange server for SMTP Journaling. |
| Initial Process Delay | Leave the default value of 0, unless you're working on a journaling issue with Mimecast Support. The option determines the time to wait before attempting to match a message to the archive. |
| Delivery Wait Attempts | Leave the default value of 3, unless you're working on a journaling issue with Mimecast Support. The option determines the number of tries the system attempts to match a message before it is archived. |
| Period of Inactivity Allowed (Mins) | Defines how long the SMTP connector is allowed to be inactive without receiving any messages before it is reported as being "down" (default = 180 minutes). Consider the setting carefully according to your Exchange Server environment. For example, if you operate in an environment with low email volumes, the connector is likely to handle a small Exchange database. Therefore, you can set this value to a much higher value than the default to cater for quiet periods (e.g., overnight) and/or smaller email databases. |
| Journal Type |
Mimecast supports journaling of emails in:
|
| Encrypted | Select this if the connection should be encrypted, and journal emails are only pulled using POP3S. |
| Encryption Mode | Strict mode is recommended. Relaxed mode permits encryption with self-signed certificates and other valid certificates, which may not have a complete trust chain. This option can only be set by Mimecast Support. |
| Remove Journal Headers | If selected, potentially sensitive journal headers Microsoft Exchange might have added are removed. Headers that are removed are "X-MS-Exchange-Organization-BCC:" and "X-MS-Exchange-CrossPremises-BCC:". All other headers are respected. |
| Detailed Logging | If selected, detailed logging files are created. This can be useful to allow us to troubleshoot failed journal mailboxes. |
| Prefer Clear Text Version | Enable this option for Active Directory Rights Management Services protected journal items. |
| Extended De-Duplication | Only select this option if internal messages are journaled via a remote/local infrastructure as well as delivered via the Mimecast Gateway. If selected, Mimecast waits 10 minutes for the Gateway item after having received the Internal message via the Journal Connector for de-duplication purposes. This option is not required during a Continuity Event. |
| Remove Journal Headers | Select this option to instruct Mimecast to remove potentially sensitive Journal Headers Microsoft Exchange might have added. Headers that will be removed are "X-MS- Exchange-Organization-BCC" and "X-MS- Exchange-CrossPremises-BCC". All other Headers will be respected. |
| Journal Non Internal Addresses | If selected, items processed by the journal connector that do not hold any internal addresses are archived. |
| Journal Unknown Internal Addresses | If selected, items processed by the journal connector that are sent from or to unknown internal addresses are archived. |
- The Service Status section displays details about your journaling connection:
| Field / Option | Description |
|---|---|
| Service Status | Displays the current status of the journaling service. |
| Last Successful Extract | Displays the date and time of the last successful extract. If there hasn't been a successful extract, "Awaiting Initial Run" is displayed. |
| Processing Queue | Displays the amount of journaled mail received by us that is currently being processed. |
| POP3 Mailbox Queue | Displays the number of emails in the mailbox the last time we connected to the journal mailbox. |
- Click on the Save and Exit button.
Comments
Please sign in to leave a comment.