IT & IoT Security | Cloud | It's all about the life itself


Exchange 2013 – Enterprise Vault SMTP Journal Archiving (en-GB)

Hi all,

Journaling is the ability to record all communications, including email communications, in an organization for use in the organization’s email retention or archival strategy. To meet an increasing number of regulatory and compliance requirements, many organizations must maintain records of communications that occur when employees perform daily business tasks.

Mailbox archiving is slightly different from journaling. Mailbox archiving refers to backing up the data, removing it from its native environment, and storing it elsewhere, thereby reducing the load of data storage. Policies can be used to determine what kind of messages are archived. For instance, you can archive messages older than 6 months.

The following list illustrates some of the more well-known regulations where journaling may help.

– Sarbanes-Oxley Act of 2002 (SOX)

– Security Exchange Commission Rule 17a-4 (SEC Rule 17 A-4)

– National Association of Securities Dealers 3010 & 3110 (NASD 3010 & 3110)

– Gramm-Leach-Bliley Act (Financial Modernization Act)

– Financial Institution Privacy Protection Act of 2001

– Financial Institution Privacy Protection Act of 2003

– Health Insurance Portability and Accountability Act of 1996 (HIPAA)

– Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (Patriot Act)

– European Union Data Protection Directive (EUDPD)

– Japan’s Personal Information Protection Act

For more details about messaging policy and compliance in Exchange 2013, see the URL below.

http://technet.microsoft.com/en-us/library/aa998599(v=exchg.150).aspx

In this article I want to cover the new and redesigned SMTP archiving feature introduced with EV 11.0.1 Beta. I do not know the general availability date of the 11.0.1 SP.

http://www.symantec.com/connect/blogs/symantec-enterprise-vault-1101-beta-available-now

For beta notes and new features you can visit the URL above. This URL might be closed in time.

Important notice: This article contains information from a beta release of the product. It is not recommended to use beta versions in your production environment. Contact Symantec and/or an authorized partner of Symantec for more information.

Let me explain my test environment:

– Windows 8.1 Hyper-V for the virtualization layer

– Windows Server 2012 R2 Domain Controller

– Windows Server 2012 R2, Exchange Server 2013

– Windows Server 2012 R2, Enterprise Vault 11.0.1b2, SQL Server 2012 with SP1

So let’s review the steps.

A journal recipient object has to be created in the Exchange organization. An e-mail contact with an external domain suffix is used as the journal recipient object because all messages are relayed to the Enterprise Vault SMTP engine. Messages that are relayed to Enterprise Vault are stored in a temporary location on a local volume.

To relay all messages from one SMTP server, such as Exchange Server, to another SMTP server, such as Enterprise Vault, DNS records have to be configured properly.

I have used nwtraders.msft as the local Active Directory e-mail domain name and evsmtp.local as the external e-mail domain name suffix for the mail contact, so that Exchange Server is able to relay messages to the Enterprise Vault SMTP Agent.
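The Exchange and DNS pieces described above (DNS records for the external suffix, the mail contact used as journal recipient, and a journal rule pointing at it), as an added PowerShell example that is not from the original article. The host label ev01, the address 192.168.10.30, the journal@ alias, the object names and the dedicated send connector are assumptions; the DNS cmdlets run on the DNS server and the Exchange cmdlets in the Exchange Management Shell.

```powershell
# Added example; values marked "assumed" are not from the article.
$evDomain   = 'evsmtp.local'        # external suffix used in the article
$evHost     = 'ev01'                # assumed host label of the Enterprise Vault server
$evIp       = '192.168.10.30'       # assumed address of the Enterprise Vault server
$journalTo  = "journal@$evDomain"   # assumed SMTP target address defined in Enterprise Vault
$requireTls = $false                # set to $true once the EV SMTP certificate is configured

# 1. On the DNS server (DnsServer module): make evsmtp.local resolve to the EV SMTP service.
Add-DnsServerPrimaryZone -Name $evDomain -ReplicationScope Forest
Add-DnsServerResourceRecordA -ZoneName $evDomain -Name $evHost -IPv4Address $evIp
Add-DnsServerResourceRecordMX -ZoneName $evDomain -Name '.' `
    -MailExchange "$evHost.$evDomain" -Preference 10

# 2. In the Exchange Management Shell: the journal recipient is a mail contact
#    whose external address lives in the evsmtp.local domain.
New-MailContact -Name 'EV SMTP Journal' -ExternalEmailAddress $journalTo
Set-MailContact -Identity 'EV SMTP Journal' -HiddenFromAddressListsEnabled $true

# 3. Send connector scoped to the journal domain only (assumed; needed when no
#    existing connector's address space covers evsmtp.local). DNS routing makes
#    Exchange follow the MX record created in step 1.
New-SendConnector -Name 'To Enterprise Vault SMTP' -Custom `
    -AddressSpaces $evDomain -DNSRoutingEnabled $true -RequireTLS $requireTls

# 4. Journal every message in the organization to the contact.
New-JournalRule -Name 'Journal to Enterprise Vault' `
    -JournalEmailAddress $journalTo -Scope Global -Enabled $true

# 5. Checks: the MX record resolves, port 25 answers, the rule is enabled,
#    and journal reports are not piling up in the transport queue.
Resolve-DnsName -Name $evDomain -Type MX
Test-NetConnection -ComputerName "$evHost.$evDomain" -Port 25
Get-JournalRule | Format-List Name, JournalEmailAddress, Scope, Enabled
Get-Queue | Where-Object { $_.NextHopDomain -like "*$evDomain*" } |
    Format-Table Identity, Status, MessageCount, LastError -AutoSize
```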

The redesigned feature reduces infrastructure costs for journaling, with no dependency on MAPI for crawling large journal mailboxes, which might be a pain in such circumstances. Messages can be sent directly to the Enterprise Vault SMTP service, so you do not need several journal mailboxes on dedicated Exchange mailbox servers. As I see it, ingesting content into the archive seems so easy!

Time to explain configuration steps. Some of these steps depend on your needs.

– Configure Enterprise Vault SMTP settings.

– Predefined SMTP policy can be used.

– Configure SMTP Target Email Address. When you start to configure the target email address, you are asked to configure the SMTP settings.

You can configure the target email address after the SMTP server settings are completed.

Connection control is a familiar section. You can restrict, by name or IP address, the source servers that are allowed to connect to the Enterprise Vault SMTP server to relay journal messages.

You can leave the default, so that all sources are permitted to connect to the Enterprise Vault SMTP service.

You can also leave the authentication settings unchecked if you are evaluating the product.

To encrypt communication between MTAs, a digital certificate needs to be configured. This can be done at this stage, or at any time later.

I have not tested using a wildcard certificate yet. It might not work at this stage!

A summary is then shown. Continue with “Finish”.

I have used the default policy. Third-party applications might add different X-headers to SMTP messages (for example, data classification products such as Titus). You can configure X-headers from the properties of the SMTP policy. To identify the custom headers, the OutlookSpy software may be handy (http://www.dimastr.com/outspy/home.htm).

An SMTP archive is needed to archive incoming journal messages. I have created an SMTP archive.

Finally, we can configure the SMTP target e-mail address. The default retention category and default policy can be used at this stage.

After the target e-mail address is done, you have to configure a task that runs to store messages in the SMTP archive.

It will be configured after a couple of “Next”s.

The properties of the task can be reconfigured at any time later.

I have used an e-mail generator to send e-mail messages.

Journaled and archived messages can be browsed and searched via the IE browser.

In my opinion, this redesigned SMTP feature, which was introduced with Enterprise Vault 11.0.1 Beta, has many advantages over old-school journal archiving. After general availability it may be a popular new feature.

I hope this is informative for you.

Regards

PS: For the e-mail generator script, visit the URL below.

http://exchangeserverpro.com/test-lab-email-traffic-generator-powershell-script/

The EV 11.0.1 RTM version was released on 05.Jan.2015.