Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

How to Configure a Journaling Mailbox

 

Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007

Topic Last Modified: 2007-06-20

This topic explains how to use the Exchange Management Shell to configure a journaling mailbox to receive journal reports from authorized senders only.

The procedure in this topic shows how to configure the journaling mailbox so that only the Microsoft Exchange recipient object can submit journal reports. If you restrict who can submit a journal report to the journaling mailbox, you reduce the risk of a fake journal report being submitted to the journaling mailbox.

For more information about journaling and why it's important to secure the journaling mailbox, see the following topics:

For information about how to create a journal rule, see How to Create a New Journal Rule.

If you want to grant permissions to access the journaling mailbox to another Active Directory directory service user, see How to Allow Mailbox Access.

importantImportant:
Journaling mailboxes contain very sensitive information. You must secure journaling mailboxes because they collect messages that are sent to and from recipients in your organization, and because these messages may be part of legal proceedings or may be subject to regulatory requirements. Various laws require that messages remain tamper-free before they are submitted to an investigatory authority. We recommend that your organization create policies that govern who can access the journaling mailboxes in your organization, limiting access to only those individuals who have a direct need to access them. Speak with your legal representatives to make sure that your journaling solution complies with all the laws and regulations that apply to your organization.

To perform the following procedures, the account you use must be delegated the following:

  • Exchange Recipient Administrator role

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

To configure the journaling mailbox to accept only journal reports from the Microsoft Exchange recipient object, use the Exchange Management Shell to configure the journaling mailbox to accept messages only from the Microsoft Exchange recipient object or only from the journaling mailbox itself, depending on the version of Exchange 2007 you are running.

By configuring the journaling mailbox to accept messages only from the Microsoft Exchange recipient object, only the Microsoft Exchange recipient object will be able to submit journal reports to the journaling mailbox. In addition, you must also configure the journaling mailbox to accept journal reports only from authenticated senders.

Use the following syntax to perform this procedure in the Exchange Management Shell in Exchange 2007 SP1:

Set-Mailbox <Journaling mailbox to configure> -AcceptMessagesOnlyFrom "Microsoft Exchange" -RequireSenderAuthenticationEnabled $True
  1. Create a new mailbox to use as the journaling mailbox. For information about how to create a new mailbox, see How to Create a Mailbox for a New User.

  2. Run the following command:

    Set-Mailbox "Journaling Mailbox" -AcceptMessagesOnlyFrom "Microsoft Exchange" -RequireSenderAuthenticationEnabled $True
    

For detailed syntax and parameter information, see Set-Mailbox.

By configuring the journaling mailbox to accept messages only from itself, only the Microsoft Exchange recipient object will be able to submit journal reports to the journaling mailbox. This is possible because journal reports override any restrictions placed on a mailbox. In addition, you must also configure the journaling mailbox to accept journal reports only from authenticated senders.

Use the following syntax to perform this procedure in the Exchange Management Shell in Exchange 2007 RTM:

Set-Mailbox <Journaling mailbox to configure> -AcceptMessagesOnlyFrom <Journaling mailbox being configured> -RequireSenderAuthenticationEnabled $True
  1. Create a new mailbox to use as the journaling mailbox. For information about how to create a new mailbox, see How to Create a Mailbox for a New User.

  2. Run the following command:

    Set-Mailbox "Journaling Mailbox" -AcceptMessagesOnlyFrom "Journaling Mailbox" -RequireSenderAuthenticationEnabled $True
    

For detailed syntax and parameter information, see Set-Mailbox (RTM).

To ensure that you are reading the most up-to-date information and to find additional Exchange Server 2007 documentation, visit the Exchange Server TechCenter.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.