programming4us
           
 
 
Applications Server

Exchange Server 2010 : Designing and Implementing Message Journaling

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
11/24/2010 9:05:09 AM

Archiving refers to reducing the amount of data in a user's primary mailbox by moving it to different storage (another mailbox, in the case of Exchange Server 2010 archiving); journaling is the ability to record all e-mail communications in an organization for archival purposes to meet with compliance and regulatory requirements. We'll discuss archiving in detail in the "Designing and Implementing Archiving" section of this chapter.

Although a specific regulation may not specifically require journaling, journaling may achieve compliance under certain regulations. One example is corporate officers in a financial sector that may be held liable for the claims made to their customers by their employees. To verify that the claims are accurate, a system can be set up where a portion of employee-to-client communications is regularly reviewed by managers on a quarterly basis to verify compliance and approve employees' conduct. When every manager has formally reported approval to the corporate officer, the corporate officer can, on behalf of the company, report compliance to the regulating body. E-mail messages are likely one type of the employee-to-client communications reviewed by managers; in this case, all e-mail messages sent by client-facing employees can be collected by journaling. Other client communications that may also be subject to regulation, and thus monitored, include faxes and telephone conversations; journaling all classes of data in an enterprise is an ability that is a valuable functionality of the IT architecture.

Journaling can be a requirement in particular regions or industries because of governmental regulations such as the European Union Data Protection Directive (EUDPD), Sarbanes-Oxley Act of 2002 (SOX), and the Securities and Exchange Commission Rule 17a-4 (SEC Rule 17a-4). Because these are regulatory or business issues, journaling requirements for your Exchange Server 2010 environment are best determined through consultation with your organization's compliance and security staff.

Journaling is implemented in Exchange Server 2010 via the Journaling agent and journal rules, and the output from the Journaling agent is journal reports—one report for each message that is journaled; this output is stored in designated journaling mailboxes (one mailbox per journal rule). We will discuss each of these concepts in detail in the following sections of this chapter.

Note:

Journaling mailboxes can contain sensitive data, so access to these mailboxes should be tightly controlled and monitored.

1. Journaling Agent

The Journaling agent is a transport agent focused on compliance; it processes messages on Hub Transport servers. The Journaling agent fires on the OnSubmittedMessage and OnRoutedMessage transport events. The Exchange Server 2010 Journaling agent is a built-in agent; agents of this type are not included in the output of the Get-TransportAgent cmdlet.

The Journaling agent in Exchange Server 2010 provides two types of journaling:

  • Standard journaling Standard journaling is configured on a per-mailbox database basis and allows the journaling of all messages sent to and from mailboxes located on the targeted mailbox database. You must configure journaling on all mailbox databases in the organization to journal all messages in the organization.

  • Premium journaling More granular journaling is accomplished by using premium journaling with journal rules. You can configure journal rules to match your organization's needs by journaling individual recipients or members of distribution groups instead of journaling all mailboxes residing on a mailbox database. An Exchange Enterprise client access license (CAL) is required to use premium journaling.

Both types of journaling store their configuration information in Active Directory where it is read by the Journaling agent and applied to the appropriate database in the case of standard journaling, or recipient in the case of premium journaling. The journaling rules used with premium journaling are also stored in Active Directory and accessed by the Journaling agent from there.

Standard journaling is implemented on a mailbox database using the Set-MailboxDatabase cmdlet and specifying the journaling mailbox with the JournalRecipient parameter; the journaling mailbox is the mailbox used to store the journal reports generated by the Journaling agent. Standard journaling can also be configured with the EMC on the properties of the mailbox database, as shown in Figure 1.

Figure 1. Implementing standard journaling on a mailbox database

Premium journaling is implemented with journal rules on an organizational level as a component of the Hub Transport configuration, similar to transport rules. You can start the New Journal Rule Wizard from the Actions pane of the Hub Transport organization configuration, as shown in Figure 8-9. Exchange Server 2010 SP1 also introduced the ability to create journal rules from the ECP.

Figure 2. Creating a journal rule

2. Journal Reports

The output generated by both standard and premium journaling is a journal report; this is the message generated by the Journaling agent when submitting a message to the journaling mailbox. The original message matching the journal rule is attached unaltered to the journal report. Information from the original message such as the sender e-mail address, message subject, message-ID, and recipient e-mail addresses is included in the body of the journal report. This is the only journaling technique supported in Exchange Server 2007 and Exchange Server 2010, and is referred to as envelope journaling.

Exchange Server 2010 also supports journaling Information Rights Management (IRM)–protected messages. When IRM support is configured, Journal Report Decryption can include a clear-text copy of the message as an attachment to the journal report, along with the original IRM-protected message. Any IRM-protected attachments are also decrypted, provided that the attachment was protected at the same time as the message.

Notes From The Field: Journaling and Distribution Lists

Thierry Demorre

Senior Director, Avanade, USA

Exchange Server 2010 Hub Transport servers have a default value for the distribution list chipping size (how many recipients are processed when expanding the DL to start sending messages as soon as possible) of 1,000. So if a DL has 1,001 members, Exchange will send two messages, one with 1,000 recipients and one with 1 recipient, which will translate into two journal reports being generated. Some companies consider this to be non-compliant because neither of the two messages accurately captures the envelope recipients.

In this case, the only option is to bump up the ExpansionSizeLimit setting in the edgetransport.exe.config file on the Exchange Server 2010 Hub Transport servers to a value that will exceed the maximum DL size in the enterprise or whichever one the legal department is monitoring; this setting should be changed on all Hub Transport servers in the environment to ensure consistency. This setting has no significant performance implication because the DL has to be expanded anyway; the only difference between expanding a 50,000-member DL with ExpansionSizeLimit set to 1,000 and with ExpansionSizeLimit set to 50,000 is that in the former 50 messages would be sent, whereas in the latter only 1 message would be sent but after the time required to expand the 50,000 members.

3. Journal Rules

The journal rules used by premium journaling are composed of three components:

  • Journal Rule Scope The scope determines which messages are to be journaled:

    • Internal A journal rule with an internal scope targets messages sent and received by recipients inside the organization.

    • External Setting an external scope targets the journal rule on messages sent to or received from recipients outside the organization.

    • Global A global scope targets all messages that pass through the Hub Transport server, whether external or internal.

  • Journal Recipients The journal recipient specifies the SMTP address of the recipient to be journaled; specifying a journal recipient causes all messages both sent to or from that recipient to be journaled.

  • Journaling Mailbox The journaling mailbox is used to store the journal reports generated by standard or premium journaling.

Note:

You can also opt to journal or to not journal messages containing voicemail messages and missed call notification messages generated by Unified Messaging. However, messages containing faxes that have been generated by a Unified Messaging server are always journaled; this is true even if you have specified to not journal voicemail and missed call notifications.
Other -----------------
- Exchange Server 2010 : Designing and Implementing Transport Rules
- Manage Active Directory Domain Services Auditing : Disable the Global Audit Policy by Using the Command Line
- Manage Active Directory Domain Services Auditing : Disable the Global Audit Policy
- Exchange Server 2007 : Manage Resource Mailboxes
- Exchange Server 2007 : Create Resource Mailboxes
- Exchange Server 2007 : Create a Linked Mailbox
- Exchange Server 2007 : Configure Mailbox Properties and Settings
- Exchange Server 2007 : Use Managed Content Settings
- Exchange Server 2007 : Work with Offline Address Books
- Exchange Server 2007 : Work with Address Lists
- Exchange Server 2007 : Create Exchange Administrative Roles
- Exchange server 2010 : Troubleshooting Tools (part 2)
- Exchange server 2010 : Troubleshooting Tools (part 1)
- BizTalk Server 2009 : Exposing WCF services from orchestrations
- Relationship between BizTalk and WCF
- Monitoring Exchange Server 2010 (part 1) - System Center Operations Manager 2007 R2
- Monitoring Exchange Server 2010 (part 1) - Performance Monitor
- Enable the Global Audit Policy by Using the Command Line
- Enable the Global Audit Policy by Using the Windows Interface
- Exchange Server 2007 : Modify Recipient Configuration Modify
 
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us