In order to be able to enable journaling with the archiving system you need to ensure that business journaling is available in the Office 365 package, your Service Provider will be able to confirm. In order to configure your Office 365 environment for archiving, please follow the guidelines below.
Note: Elements of this document may be different to what you may see within the O365 console, this will be attributable to change overtime by O365
First, you will need to log in the archiving system and follow the steps described below.
Gather your Archives Journal Mailbox Address In the archiving system:
- Click settings on the left hand navigation menu
- From any page, click the
option, located on your left and then Collectors>Manage>SMTP
- Copy the SMTP address shown on the page. You will use this address when configuring journaling in Microsoft Office 365. SMTP collection will capture, index, and archive emails up to 75MB in size by default.
Once you are done in the archiving system and have the SMTP address, log in to Microsoft Office 365 and follow the steps described below. (note that some images may vary compared to what you see in the O365 Admin Portal)
In Microsoft Office 365:
1. Go to the Microsoft 365 admin center,
2. Select Compliance -> Data lifecycle management -> Exchange (legacy) -> Journal rules -> Select the + to add a new rule
3. Set the options to set a new rule and save.
Enter the Archive SMTP address gathered from Step 4 of Gather your Archives Journal Mailbox Address.
Add recipient for undeliverable reports
- Please know that any internal mailbox you choose will not journal incoming mail.
- Do not choose any user whose mailbox you need archived.
Once journaling has been enabled, a copy of all newly created message (sent and received) will be sent to your archive account via SMTP.
Journaling Selective Users:
To journal specific users you will first need to create a new group within Office 365. This group will contain users that you want to specifically journal.
1. From the Microsoft 365 admin center homepage, navigate to Teams & groups → Active teams and groups → Distribution List (NOTE: NOT Teams & Microsoft 365 Groups as these won’t show up in the journaling rules as an option)
2. Select Add a distribution list
3. Name your group and add an optional description, click Next
4. Assign the group owner(s) by clicking Assign owners, click Add, then click Next
5. Assign the group member(s) by clicking Add members, click Add, then click Next
6. Create a group email address, and select your communication setting, then click Next
7. Review the group information, make any necessary changes, then click Create group
-
Follow previous steps to create a new journaling rule, or you can also edit an existing rule
-
On the step to select Journal messages sent or received from, select A specific user or group → Select a user or group
-
From the box on the right, find the group you just made by searching for the group email address, select it, and click Add, then click Next
11. Review your selections/settings and then select Submit
12. Your new rule should show up in the Journal Rules section
IMPORTANT:
If you've configured a journaling rule to send the journal reports to a journaling mailbox that doesn't exist or is an invalid destination, the journal report remains in the transport queue on Microsoft datacenter servers; delivery of queued items is periodically retried. If this happens, Microsoft datacenter personnel will attempt to contact your organization and ask you to fix the problem so that the journal reports can be successfully delivered to a journaling mailbox. If you haven't resolved the issue after two days of being contacted, Microsoft will disable the problematic journaling rule.
As previously explained, undeliverable journal reports are queued on Microsoft datacenter servers. Undeliverable journal reports can't be returned to the sender in a non-delivery report (also known as an NDR or bounce message) because the sender is the Exchange Online service. To handle the NDRs for undelivered journal reports, you have to you specify an alternate journaling mailbox that accepts the NDRs for all undeliverable journal reports.
Select an alternative journaling mailbox to receive NDRs for undeliverable journal reports
The original journal report is an attachment in the NDR. When the journaling mailbox for an undelivered journal report becomes available again, you can use the Resend this message feature in Outlook on the NDRs in the alternate journaling mailbox to send the unaltered delivery report to the journaling mailbox.
Prevent winmail.dat type messages from being delivered to the archive
mail flow | remote domains
From the O365 control panel, navigate to mailfow -> remote domains
- Add (+) a new configuration (this will be additional to what already may exist)
- Set Name: View Archiving
- Set Remote Domain: *.journaladdress.com (enter the actual domain of your journal mailbox address)
- Set Use rich-text format: Never
- Save settings.
Propagation of this new setting could take an hour or more to filter through MS services. Exact timeframes should be directed to your Office 365 Service Provider
External references:
Microsoft Technet KB: HERE
MSDN KB: HERE
Additional Resources:
We recommend that you always refer to Microsoft's Technet Articles for more information on journaling, available HERE. Whilst guidance on setup is provided, the responsibility to ensure the journaling aspects are configured correctly according to the needs of your Company, is with the administrators of your email services.
Comments
0 comments
Please sign in to leave a comment.