Enterprise Vault™ Setting up SMTP Archiving
- About this guide
- Introducing Enterprise Vault SMTP Archiving
- Installing SMTP Archiving
- Configuring SMTP Archiving
- Steps to configure SMTP Archiving
- Planning your configuration
- Configuring the Enterprise Vault SMTP Servers in the site
- Adding an SMTP Archiving task and holding folder
- Adding an SMTP Archiving task and holding folder
- Configuring retention categories and retention plans
- Creating SMTP policies
- Configuring archives for SMTP messages
- Adding SMTP routing addresses
- Checking settings for SMTP Journaling
- Additional configuration for Compliance Accelerator
- Provisioning users for SMTP Group or SMTP Mailbox Journaling
- About SMTP provisioning groups
- Adding an SMTP Group Journaling provisioning group
- Adding an SMTP Mailbox Journaling provisioning group
- Changing the order of the SMTP provisioning groups
- Deleting an SMTP provisioning group
- Adding or deleting an SMTP Provisioning task
- SMTP Provisioning task summary reports
- Configuring the SMTP site setting, Selective Journal Archiving
- Adding SMTP target addresses manually
- Using the SMTP dashboard
- PowerShell cmdlets
- Appendix A. Configuring target address rewriting
About Enterprise Vault SMTP Archiving
Enterprise Vault SMTP Archiving enables Enterprise Vault to archive data that is sent to the Enterprise Vault server using the SMTP protocol.
Here are some example applications of SMTP Archiving:
Ingest directly into an archive journal emails sent over SMTP from cloud-based email services, such as Office 365 and Google Mail.
Ingest directly into an archive journal emails from on-premise email platforms, such as Exchange Server, Lotus Domino, Sun Mail System, Zimbra.
Capture all metadata, such as BCC, point in time distribution list membership, journal report information, and so on.
Provide additional data for supervisory sampling using Compliance Accelerator.
Provide additional data for eDiscovery search and review using Discovery Accelerator.
Ingest data from any other application capable of sending email, such as log files, voicemail, scanners, printers, fax machines, and so on.
Populate mailbox archives from the journal feed, where each user's archive is a representation of their personal journal showing Inbox and Sent items.
Replace mail-enabled Exchange Public Folders, to provide users with a more scalable, shared solution.
SMTP Archiving can be used to provide journaling for any application that can send messages over SMTP. Journal report messages (P1 messages) that are sent to Enterprise Vault SMTP servers must comply with the envelope journal report format that is described in the article, http://technet.microsoft.com/library/bb331962.aspx. The journal report messages are processed by Enterprise Vault, and available for searching using an eDiscovery application, such as Veritas Discovery Accelerator.
Note:
SMTP Archiving does not currently process the journal report information in messages that are journaled by Domino Server.
Figure: SMTP Archiving overview shows an example of a simple SMTP Journaling environment:
An MTA receives an SMTP message from some application.
The MTA could be an Exchange Server, or some other server that can route SMTP messages.
The MTA sends the message to the destination mailbox.
In addition, the MTA is configured to copy or journal the message to the SMTP routing address for the Enterprise Vault SMTP server. The domain used in the routing address could just be an MX record alias that you create in DNS to point to the Enterprise Vault SMTP server, for example, ev.example.com.
In Enterprise Vault, you must configure the routing address as an SMTP target address.
The Enterprise Vault SMTP server receives the message, and adds the routing address to the message as an X-RCPT-TO header.
The SMTP server then places the message as an email (.eml) file in the folder that you assign as the SMTP holding folder.
The SMTP Archiving task processes the message file in the holding folder, and archives it in the archive specified for the target address. During processing, the task applies the retention category that is specified in the target properties, and ensures that Enterprise Vault indexes any X-Headers that are listed in the policy.
An Enterprise Vault SMTP server is an Enterprise Vault server that hosts the Enterprise Vault SMTP Archiving components. The components include an SMTP server and an Enterprise Vault SMTP Archiving task. Table: Overview of SMTP Archiving components provides an overview of the main components of SMTP Archiving.
An Enterprise Vault SMTP server can host only one SMTP server and one SMTP Archiving task. However, there can be multiple Enterprise Vault SMTP servers in a site. When you configure SMTP Archiving, the Enterprise Vault SMTP server settings and target configuration information are shared with all the Enterprise Vault SMTP servers in the site. This means that any Enterprise Vault SMTP server in the site can archive messages sent to any SMTP target in the site.
You can use a load balancing solution to distribute the SMTP traffic evenly across the SMTP servers in the site. A simple load balancing solution is to configure a DNS MX record for each of the Enterprise Vault SMTP servers, and give each record equal preference. If you use a single address for journaling, for example SMTPjournal@example.com, and the volume of traffic is more than one Enterprise Vault SMTP server can manage, you can either associate this routing address with multiple archives in different vault stores hosted on different Enterprise Vault storage servers, or implement address rewriting on the SMTP servers. Both these solutions enable you to spread the archiving load over several Enterprise Vault storage servers.