Skip to main content
My preferencesSign out
Proofpoint, Inc.

Configuring Journaling for Exchange 2013/2016

Situation You are setting up journaling on Exchange 2013/2016 and want to know your options and how to implement them.
Solution

See below for information on:

  • Configuring Remote (SMTP) Journaling for Exchange 2013/2016
    • Configuring an External Contact
    • Configuring a Send Connector
    • Configuring Journaling
    • Choosing an Alternate Journal Mailbox (2016 Exchange Only)
  • Configuring Standard Journaling for Exchange 2013/2016
    • Creating a New User Account and Journaling Mailbox
    • Configuring Exchange Journaling
  • Configuring Journaling Remote Domain for Exchange 2013/2016

About Journaling in Exchange 2013/2016

Exchange 2013/2016 provides several methods for journaling, including:

  • Remote (SMTP) journaling (recommended), where a copy of all email sent to/received by mailboxes in your organization is sent to an external SMTP address. (Proofpoint Essentials provides this address.)
  • Standard journaling, where a copy of all email sent to/received by the mailboxes in your organization is sent to a local mailbox. (Proofpoint Essentials connects to the mailbox via an IMAP connection.)

While the Essentials Email Archive supports both methods, remote (SMTP) journaling is recommended.

Configuring Remote (SMTP) Journaling for Exchange 2013/2016

Configuring an External Contact

Remote Journaling should be enabled directly to a Proofpoint Essentials SMTP contact, not by using the forwarding rule.

  1. In the Exchange Admin Center, navigate to Recipients > Contacts.
  2. Click + then Mail Contact.
  3. Enter a first name (e.g. SMTP), last name (e.g. Connection), display name (e.g. SMTP Connection), name (e.g. SMTP Connection), and alias (e.g. Journaling).
  4. in the External email address field, enter the email address of the SMTP address provided when you created a connection in Proofpoint Essentials (e.g. uniqueaddress@us.earchive.cloud).
  5. Click Browse and select the desired Organization unit.
  6. Click Save.

Configuring a Send Connector

  1. In the Exchange Admin Center, navigate to Mail Flow > Send Connectors.
  2. Click + and add a Send Connector.
  3. Enter a descriptive Name for the connector.
  4. For Type, select Custom, then click Next.
  5. Under Network settings select MX record associated with recipient domain, then click Next.
  6. Click + to edit Address space.
  7. Set Type to SMTP.
  8. For Full Qualified domain name (FQDN): enter *.earchive.cloud.
  9. Set Cost field to 1.
  10. Click Save, then Next.
  11. Click + to edit Source server.
  12. Select the transport server(s) that will be associated with the connector.
  13. Click Add, then OK, then Finish.
  14. Check the new archive send connector properties
    1. Click Edit (pencil icon).
    2. Change Maximum send message size to unlimited.

      By default a 35mb size is set on the connector.

Configuring Journaling

  1. In the Exchange Admin Center, click Compliance Management (in the list on the left).
  2. Click the Journal Rules tab.
  3. Add a new journal rule by clicking +.
  4. In the Send journal reports to field, enter the email address of the journaling mailbox created when you added an SMTP connection in Proofpoint Essentials (e.g. uniqueaddress@us.earchive.cloud).
  5. Enter a descriptive Name for the rule.
  6. From the If the message it sent to or received from... list, select Apply to all messages.
  7. From the Journal the following messages... list, select All messages.
  8. Click Save.

Choosing an Alternate Journaling Mailbox (Exchange 2016 Only)

It is recommended that you specify an alternate journaling mailbox in case the SMTP connection stops accepting traffic. You can then create an IMAP connection to collect any messages that were not sent via SMTP.

  1. In the Exchange Admin Center, click Compliance Management (in the list of the left)
  2. Click the Journal Rules tab.
  3. Click Select Address next to Send undeliverable journal reports to.
  4. In the NDR for undeliverable journal reports window that opens, click Browse.
  5. Select a mailbox in the dialog box and click OK.
  6. Click Save.

Configure Standard Journaling for Exchange 2013/2016

A new user account and a mailbox is needed for the journaling mailbox. If you have separate Exchange Servers, you may need a separate user account/mailbox per storage group and/or Exchange Server.

The journal account should not have any size restrictions applied to it. In addition, no Exchange Server rules should be applied to the account, especially rules that might move or delete messages from the account or move them to another folder such as Junk Mail.

Creating a New User Account and Journaling Mailbox

  1. While logged into the ECP web portal, click Recipients in the left panel.
  2. Click the mailboxes on the right panel.
  3. Click + and select User Mailbox.
  4. In the popup window, click New user.
  5. Enter the Alias, First Name and Last Name for this account.
  6. Browse to select the Organization Unit in which you want to create the account.

 If you leave this blank, the account will be created under the default organization unit.

  1. Enter the User logon name.
  2. Enter and verify a password.
  3. Set the Require password change on next login options in accordance with your company’s policies.
  4. Browse to the Mailbox database in which you want to create the account.

If you leave this blank, the account will be created under in the default mailbox database.

  1. Click Save.
  2. Select the mailbox you just created and click the Edit icon.
  3. On the Mailbox Features tab (left panel), under Message Delivery Restrictions, click View details.
  4. For Accept message from, select Only senders in the following list, click + and select the mailbox created earlier.
  5. For Reject message from, ensure No senders is selected.
  6. Click OK, then Save.
  7. Log in to the new account using OWA to have Exchange initialize the mailbox.

Configuring Exchange Journaling

  1. While logged into the ECP web portal, click Compliance Management in the left panel.
  2. Click Journal Rules in the right panel.
  3. Click + to create a new journal rule.
  4. In the Send journal reports to field, enter the email address of the journal mailbox (created in the previous step).
  5. In the Name field, enter a descriptive name (e.g. Journal to Essentials Archive) for the journaling rule.
  6. Choose the appropriate option from the If the message is sent to or received from list.
  7. Choose the appropriate option from the Journal the following messages list.
  8. Click Save.

Configuring Journaling remote domain For Exchange 2013/2016

The Proofpoint Essentials Email Archive requires the data NOT be sent in Rich Text Format.
You'll need to setup a remote domain. Open the Exchange Management Shell. 
Execute the following command to create the remote domain; this command ensures TNEF encoding is disabled

The example assumes the SMTP address is on the earchive.cloud domain. You may have been issued with another domain and should use it to configure your environment properly.

  1. New-RemoteDomain -DomainName earchive.cloud -Name "Proofpoint Essentials Archiver Domain" 
  2. Get-RemoteDomain | Where {$_.DomainName -eq "earchive.cloud"} | Set-RemoteDomain -TNEFEnabled $false
  3. Verify the settings with the following command: Get-RemoteDomain | Where {$_.DomainName -eq "earchive.cloud"} |Format-table Name, DomainName, TNEFEnabled