Windows IT Pro is the authoritative and independent resource for Windows NT, Windows 2000, Windows 2003, and Windows XP. Features a collection of resources and magazines for Windows IT professionals.
  
  


April 01, 2008

Get Compliant with Exchange Server 2007 Journaling

Exchange 2007 makes journaling easier to use, with features such as simpler rule configuration, better per-recipient control, and premium journaling

Executive Summary:
New government regulations that require more financial and communications disclosures, such as the Sarbanes-Oxley Act of 2002, are forcing many companies to journal their electronic communications, including internal and external emails, voicemails, and fax messages. Exchange Server 2007 makes journaling easier than with Exchange Server 2003 because Exchange 2007 uses journal rules enforced through the Hub Transport server and allows unified messaging (UM) journaling. This article explains the differences between journaling and archiving; explains journal rules, journal mailboxes, and journal reports; and compares standard journaling with premium journaling in Exchange 2007.


Government regulations are forcing IT administrators to journal an increasing volume of electronic communications, including email, voicemail, and fax transmissions. Many companies are also adopting similar internal requirements to prevent and prepare for government audits and lawsuits. Like its predecessors, Exchange Server 2007 provides a journaling capability that can help IT comply with such requirements. However, journaling in Exchange 2007 has some important differences from journaling in earlier Exchange versions. In particular, Exchange 2007 uses journaling agents to apply mailbox and unified communications (UC) journal rules via the Hub Transport server role. Exchange 2007 also provides multiple options for collecting journal reports, including journal mailboxes, Exchange Hosted Services, or a third-party archiving service. If you're just getting started using Exchange 2007 or plan to migrate to it, you'll find it helpful to understand the differences between journaling in Exchange 2007 and Exchange Server 2003, Exchange 2007 journaling basics, and the distinctions between standard and premium journaling. (And for a quick look at some regulations that have a bearing on the use of journaling, see the sidebar "A Few Regulations Relevant to Journaling.")

Exchange 2007 Journaling Basics: Journal Reports and Mailboxes
Journaling in Exchange 2007 is very different from journaling in Exchange 2003. Exchange 2007 journaling does its work primarily in the Hub Transport server role, whereas Exchange 2003 journaling works on the mailbox server. Because journaling is handled in the Hub Transport server role, journaling activity won't impact mailbox servers, which makes them more efficient because they don't have to handle any journaling services. Exchange 2007 journaling also gives administrators better control of per-user and per-recipient journaling and is much easier to configure than Exchange 2003 journaling.

As in Exchange 2003, journal reports are the basic component of Exchange 2007 journaling. A journal report is any message sent to and stored in a journal mailbox specifically for record-keeping. Unlike Exchange 2003, which supports three types of journaling (message-only, BCC, and envelope), Exchange 2007 journal reports exclusively use envelope journaling, as Figure 1 shows. The Exchange 2007 envelope journaling format allows message-header archiving and includes the following parts:

  • The unaltered original message attached in Transport Neutral Encapsulation Format (TNEF), an encoding format that "packages" parts of a message (e.g., voting buttons, read receipts) to retain more of the message's original text, headers, and formatting.
  • The journal report body containing the sender's email address, subject, message ID, and recipients' email addresses, including blind carbon copy (BCC) addresses.

To enable Exchange 2007 journaling, you must designate a mailbox that will receive and store journal reports. You can create a single mailbox for the entire company and all journal rules or create a mailbox for each user, group, or rule. You also can forward journal reports to Exchange 2007 Global Address List (GAL) contacts, offsite mailboxes, or third-party messaging environments.

Your journal mailbox should be used only to receive journal reports and should be accessible to only a limited number of people. Since the journal mailbox could house messages from company executives and contain a company's sensitive information, you should limit access to the mailbox to only those people who have a legitimate need to use it. Individually add each user account and closely monitor access to the mailbox.

Many of the laws that require recording communications also require that once recorded, those messages be tamper-proof. This means your journaling mailbox can't receive mistakenly addressed messages. The best practice is to restrict the mailbox to receiving only messages sent directly to it. To do so, use the following Exchange Management Shell (EMS) mailbox command, where "Journal" is the mailbox name:

Set-Mailbox "Journal" `
-AcceptMessagesOnlyFrom "Journal" `
-RequireSenderAuthenticationEnabled $True
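
To keep an eye on who can reach the journal mailbox, as recommended above, you can review its delivery restrictions and access rights from EMS. The following script is an added example, not part of the original article; the approved accounts are hypothetical placeholders, and "Journal" is the mailbox name used above.

```powershell
# Added example for the Exchange Management Shell (not from the article).
# "Journal" is the article's mailbox name; the accounts in $approved are
# hypothetical placeholders for the people cleared to read journal reports.
$journal  = 'Journal'
$approved = @('EXAMPLE\ComplianceOfficer', 'EXAMPLE\LegalCounsel')

# 1. Confirm the delivery restrictions set with Set-Mailbox are still there.
$mbx = Get-Mailbox $journal
if (@($mbx.AcceptMessagesOnlyFrom).Count -eq 0) {
    Write-Warning "$journal has no AcceptMessagesOnlyFrom restriction."
}
if (-not $mbx.RequireSenderAuthenticationEnabled) {
    Write-Warning "$journal accepts mail from unauthenticated senders."
}

# 2. Explicitly granted mailbox rights (for example FullAccess) held by
#    accounts that are not on the approved list.
Get-MailboxPermission $journal |
    Where-Object { -not $_.IsInherited } |
    Where-Object { -not $_.Deny } |
    Where-Object { $_.User.ToString() -ne 'NT AUTHORITY\SELF' } |
    Where-Object { $approved -notcontains $_.User.ToString() } |
    Select-Object @{Name='Check';   Expression={ 'MailboxPermission' }},
                  @{Name='Account'; Expression={ $_.User.ToString() }},
                  @{Name='Rights';  Expression={ $_.AccessRights }}

# 3. Send As rights on the mailbox object, which would let another account
#    submit mail that appears to come from the journal mailbox.
Get-ADPermission $mbx.DistinguishedName |
    Where-Object { $_.ExtendedRights -like '*Send-As*' } |
    Where-Object { -not $_.IsInherited } |
    Where-Object { $_.User.ToString() -ne 'NT AUTHORITY\SELF' } |
    Where-Object { $approved -notcontains $_.User.ToString() } |
    Select-Object @{Name='Check';   Expression={ 'SendAs' }},
                  @{Name='Account'; Expression={ $_.User.ToString() }},
                  @{Name='Rights';  Expression={ $_.ExtendedRights }}
```

Any row the script returns is an account outside the approved list that holds rights on the journal mailbox.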

If you're using Exchange 2007 SP1, you can automatically convert TNEF and MIME messages to journal reports. The journal mailbox must be a GAL contact pointing outside your Exchange organization, and you'll need to turn off MAPI rich text formatting for the Hub Transport server to convert the message. To do so, in Exchange Management Console (EMC), on the properties page of the mail contact you want to configure, switch the Use MAPI rich text format option to Never. Alternatively, you can use the Set-MailContact command in EMS to configure the contact. For example, the following command configures a MIME contact. (Be sure to replace <ContactAlias> with your contact's Exchange alias.)

Set-MailContact "<ContactAlias>" `
-UseMAPIRichTextFormat Never

Now that you know some Exchange 2007 journaling basics, let's look at the two types of Exchange 2007 journaling: standard journaling and premium journaling, a new feature introduced for large enterprises.

Standard Journaling
Standard journaling is included with the Exchange Server standard CAL and is sufficient for small- to medium-sized companies with dozens (rather than hundreds) of mailboxes. Standard journaling is similar to the journaling concepts in Exchange 2003. You assign a journal mailbox for each mailbox database, and the mailbox saves every message sent to or from recipients in the database.

All messages that flow through a mailbox store are also sent to the journal mailbox. You control journaling by moving mailboxes between mailbox stores on an Exchange server or between Exchange servers.

Standard journaling is easy to implement through the Mailbox Database Properties dialog box; to do so, you need to be an Exchange 2007 Administrator or Exchange Organization Administrator. To enable standard journaling on your Exchange server, open EMC, then click Server Configuration. Next open the Mailbox Server, then open the Mailbox Database. Click Properties, and you'll see a dialog box similar to Figure 2. In this box on the General tab, you'll define the Mailbox Database properties, including designating the box as a journal recipient. After you've set the journal recipient, click OK.

Premium Journaling
Premium journaling, which requires an Exchange 2007 Enterprise CAL (an add-on to the standard CAL), is for large companies with many Exchange Mailbox servers, each hosting multiple databases. In a large enterprise, configuring and maintaining numerous mailbox databases is a challenge, and setting journaling rules for those databases can be a complicated process. To configure the premium journaling options, open EMC and expand Organization Configuration. Then click Hub Transport. With premium journaling, you can create multiple rules to match your enterprise's unique journaling needs, by using the following options:

Journal messages for recipient. This option lets you select specific mailboxes, contacts, or distribution lists (DLs) to journal, but every object selected must belong to your Exchange organization. If you want to journal mailbox items for a particular external SMTP address, you must first create a GAL contact for that address.

Using the Journal messages for recipient option, you can also use DLs to control journaling. For example, you can create a DL of all the mailboxes you must journal for regulatory compliance. Then you can assign the legal compliance department management rights to the DL. The Hub Transport server maintains a recipient cache to look up recipient and DL information, so changes to the DL could take up to four hours to take effect.

There's one drawback to using the Journal messages for recipient option. If you don't select any recipients to journal or disable this feature, every message sent to or from your Exchange organization will be journaled. To select individual mailboxes to add to a DL, do the following:

  1. Open EMC.
  2. Click Recipient Configuration.
  3. Click Distribution List.
  4. Under the Actions tab, use the New Distribution Group option to create a new DL.

To modify DL members, follow the same path, but double-click in the middle pane, then click the Members tab and use the Add button to add members. To disable the Journal messages for recipient feature, do the following:

  1. Open EMC.
  2. Expand Organization Configuration.
  3. Click the Hub Transport pane.
  4. Click the Journaling tab.
  5. Double-click a journal rule and remove the check from the Journal messages for recipient box.

Journal rule scope. You can configure the magnitude of your journaling for each rule to be global, internal, or external. Global journaling tells the Exchange server to journal every message that passes through the Hub Transport server. Internal journaling tells the Exchange server to record only messages sent and received by recipients within your Exchange organization. External journaling tells the Exchange server to record only messages sent to recipients outside your Exchange organization or messages sent by someone outside the organization and received by someone inside the organization. For example, you could set a global journal scope to record all messages during a time the audit department specifies, such as during negotiations to acquire another company. Or you could set an external journal rule scope to journal all messages sent by a stock broker to recipients outside your Exchange organization, which would journal all messages from the stock broker to clients and potential investors.

Journal unified messaging (UM). By default, premium journaling records Exchange 2007 UM communications, including voicemail messages, missed-call notifications, and faxes. You can elect not to journal every UM item, possibly to save hard disk space. You can enable or disable journaling for voicemail and missed-call notifications by using the following EMS commands:

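# Enable journaling of voicemail and missed-call notifications
Set-TransportConfig `
-VoicemailJournalingEnabled $true

# Disable journaling of voicemail and missed-call notifications
Set-TransportConfig `
-VoicemailJournalingEnabled $false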

Unfortunately, you can't enable or disable UM messaging on a per-server or per-user scope; it can only be globally enabled or disabled. Disabling voicemail and missed-call notification journaling won't disable faxes or messages from the Exchange 2007 Unified Messaging server.

Premium Journaling Benefits
Creating and managing a large organization's journaling rules and mailboxes is much simpler using Exchange 2007 premium journaling, as compared with Exchange 2003 journaling, which requires you to create, implement, and maintain separate mailbox databases for each journal rule. For example, a financial institution is required to journal all its stockbrokers' communications. With Exchange 2003, journaling every stockbroker communication would be a nightmare. You'd have to create a specific mailbox database for the stockbrokers' mailboxes and enable journaling for that database. If the brokers are geographically spread throughout a global organization, this would be quite an effort to implement. Either you'd end up with multiple mailbox databases, or you'd have to enable journaling for multiple mailboxes, either way substantially increasing your hard-disk space requirements.

Creating, implementing, and maintaining journaling for this imaginary organization would be easy with Exchange 2007. You'd simply create a stockbroker DL and apply the list to a journal rule. The rule would journal only the messages to and from the DL mailboxes. This process would immediately optimize your archiving volume with just a few steps. One thing to remember, however, is that the DL membership is cached to limit the number of Active Directory (AD) queries. As a result of the caching, new list members are recognized only once every four hours when the cache is refreshed or when the Microsoft Exchange Transport service is restarted.

You can access premium journaling through EMC by opening Organization Configuration, then Hub Transport, and selecting the Journaling tab, as Figure 3 shows. Alternatively, you can use EMS's New-JournalRule command. The following example uses the New-JournalRule command to create a premium rule named Journal for Sigi Mailbox that journals all the messages to and from the mailbox SigiJ to a mailbox named Journal.

New-JournalRule -Name `
'Journal for Sigi Mailbox' `
-JournalEmailAddress `
'journal@exchange2007.com' `
-Scope 'Global' -Enabled $true `
-Recipient 'SigiJ@Exchange2007.com'

Managing Premium Journaling
All journal rules are configured through EMC’s Organization Configuration node, so only Exchange Organization Administrators can create and modify them. Because journal rules are configured and applied in the Hub Transport server role, all Exchange organization configurations, including journal policies, are automatically replicated to all the organization's Exchange servers. When you complete one configuration, it's automatically replicated to all Hub Transport servers.

If you create multiple journal rules that include the same mailbox, you'll create multiple copies of the same journal reports. For example, if you create a journal rule that includes all mailboxes and journals all internal messages, and you create a second journal rule for a mailbox called Trader, every message to and from the Trader mailbox will be sent to both the first and the second journal mailbox. To prevent such journaling redundancy, you’ll need to clearly plan your journaling rules.
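
To check an existing rule set for this kind of overlap, and for rules that have no recipient selected and therefore journal every message in their scope (the drawback noted earlier for the Journal messages for recipient option), you can list the rules from EMS. The following script is an added example, not part of the original article; it assumes the rule properties mirror the New-JournalRule parameters shown above and expands DLs one level only.

```powershell
# Added example for the Exchange Management Shell (not from the article).
$rules = @(Get-JournalRule | Where-Object { $_.Enabled })

# Rules without a recipient journal every message in their scope.
$catchAll = @($rules | Where-Object { -not $_.Recipient })
$targeted = @($rules | Where-Object { $_.Recipient })
$catchAllNames = @($catchAll |
    ForEach-Object { '{0} (all recipients, {1})' -f $_.Name, $_.Scope })

foreach ($name in $catchAllNames) {
    Write-Warning "Rule journals every message in its scope: $name"
}

# Map each journaled address to the rules that cover it. Hashtable keys are
# case-insensitive, which suits SMTP addresses. Nested and dynamic DLs are
# not expanded here.
$coverage = @{}
foreach ($rule in $targeted) {
    $addr    = $rule.Recipient.ToString()
    $members = @($addr)
    $dl = Get-DistributionGroup $addr -ErrorAction SilentlyContinue
    if ($dl) {
        $members = @(Get-DistributionGroupMember $dl.Identity |
            ForEach-Object { $_.PrimarySmtpAddress.ToString() })
    }
    foreach ($m in $members) {
        if (-not $coverage.ContainsKey($m)) { $coverage[$m] = @() }
        $coverage[$m] += '{0} ({1})' -f $rule.Name, $rule.Scope
    }
}

# Report every address covered by more than one rule, counting the
# catch-all rules because they apply to every mailbox.
foreach ($entry in $coverage.GetEnumerator()) {
    $all = @($entry.Value) + $catchAllNames
    if ($all.Count -gt 1) {
        '{0} is covered by {1} rules: {2}' -f $entry.Key, $all.Count,
            [string]::Join('; ', [string[]]$all)
    }
}
```

Each reported address will generate one journal report per listed rule whenever a message falls within all of those rules' scopes.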

Premium journaling requires an Exchange 2007 Enterprise CAL, which means an increased Exchange 2007 project budget. But the Enterprise CAL not only unlocks premium journaling but also allows other cool features such as Exchange 2007 managed folders and UM. (For more information about managed folders, see the Windows IT Pro article "Meet Email-Retention Needs with Exchange 2007," February 2007, http://windowsitpro.com/article/articleid/94607/94607.html.) You can leverage this argument in your budget request: Premium journaling will ease your workload, especially in medium to large organizations.

Save Your Sanity
For organizations required to journal because of regulatory requirements or internal policy mandates, Exchange 2007 journaling will make your job easier, and premium journaling will make it a lot easier. Premium journaling costs a bit more to start, but the savings in work hours and IT administrator sanity are well worth the extra cost. Migrating from Exchange 2003 to Exchange 2007 may also require an additional cost, but the sacrifice will pay off in the long term. Government regulation never goes away, and I expect it will increase as Uncle Sam and other public entities seek more oversight of private sector financial disclosures and policies. The sooner you implement Exchange 2007 journaling, the better.




Reader Comments
Logged in but can't read it

sven267 April 01, 2008


 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved.