Sunday, 28 November 2010

Journaling on Exchange 2007 & 2010

Journaling allows you  to record all messages flowing in and out of an organization and helps with legal and regulatory compliance.
In Exchange, you can configure journaling on a mailbox database. Every message sent or received by every user on that database will be sent to the Journaling mailbox. When you turn on journaling at the database level, this is known as standard journaling.
You can also enable standard journaling with the EMS using the Set-MailboxDatabase cmdlet. Specify the JournalRecipient parameter and include the address of the journal mailbox. The following command
demonstrates this usage:

[PS] Set-MailboxDatabase “DB1” -JournalRecipient

As the above command shows, an already created mailbox called journal is used (of course any recipient can be used!)

If you want to turn off journaling on a mailbox database, you use the same command, except specify $null instead of a journal mailbox:
[PS] Set-MailboxDatabase “DB01” -JournalRecipient $null 

Configure Journaling for Specific Users

You can configure a journaling rule which will journal messages written by a recipient (in this case Jocelyn) and will be sent to a specific mailbox like the journal mailbox we saw earlier.

[PS] New-journalRule -Name 'Monitor Jocelyn' -JournalEmailAddress -Scope 'Global' -Enabled $true -Recipient ''

The 'Scope' determines which type of messages are journaled. This can be Global (all messages), Internal (messages inside the organization) or External (messages outside the organization).

An important consideration is that messages sent to come from the established rule. Infact the journal mailbox used here should only accept messages from the journal agent. Its the journal agent that is responsible for applying the journaling rule (Monitor Jocelyn) and for sending reports to the journal mailbox. You must make sure that no false data is sent to the journal mailbox. To complete what we have done so far, type the following:

[PS] Set-Mailbox “Journal Mailbox” -AcceptMessagesOnlyFrom “Microsoft Exchange” -RequireSenderAuthenticationEnabled $true

No comments:

Post a Comment