Applies to: Exchange Server 2007 SP3, Exchange Server
2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2009-08-31
This topic describes what journaling is, how journaling helps you comply with legal and regulatory requirements that might be applied in your organization, and how Microsoft Exchange Server 2007 helps you secure journal information from accidental or intentional disclosure.
First, you must understand the difference between journaling and archiving. Journaling is the ability to record all communications, including e-mail communications, in an organization for use in the organization's e-mail retention or archival strategy. Archiving refers to reducing the strain of storing data by backing up the data, removing it from its native environment, and storing it elsewhere. That said, you may use Exchange journaling as a tool in your e-mail retention or archival strategy. Because of new regulations, many organizations in the financial services, insurance, and healthcare industries must maintain records of communication that occur when employees perform daily business tasks.
Although journaling may not be required by a specific regulation, the terms of a regulation may force journaling as one way to comply. For example, corporate officers in some financial sectors are responsible for the claims that are made by their employees to their customers. To verify that the claims are accurate, a corporate officer may set up a system where managers review some part of employee-to-client communications regularly. Every quarter the managers verify compliance and approve their employees' conduct. After all managers report approval to the corporate officer, the corporate officer reports compliance, on behalf of the company, to the regulating body. In this example, e-mail messages might be one of the employee-to-client communications that managers must review; therefore, all e-mail messages that are sent by client-facing employees are journaled. Other client communication mechanisms may include faxes and telephone conversations, which must also be recorded. The ability to journal all classes of data in an enterprise is an important piece of the IT architecture. The following list shows some of the more well-known U.S. regulations that specify requirements that may rely on journaling technology:
- Sarbanes-Oxley Act of 2002 (SOX) A U.S. federal law that requires the preservation of records by certain exchange members, brokers, and dealers.
- Securities and Exchange Commission Rule 17a-4 (SEC Rule 17a-4) A U.S. Securities and Exchange Commission rule that provides rules regarding the retention of electronic correspondence.
- National Association of Securities Dealers 3010 & 3110 (NASD 3010 & 3110) The NASD requires that member firms establish and maintain a system to "supervise" the activities of each registered representative, including transactions and correspondence with the public. Also, NASD 3110 requires that member firms implement a retention program for all correspondence that involves registered representatives. These regulations affect primarily broker-dealers, registered representatives, and individuals who trade securities or act as brokers for traders who are subject to the regulations.
- Gramm-Leach-Bliley Act (Financial Modernization Act) A U.S. federal law that protects consumers' personal financial information held by financial institutions.
- Financial Institution Privacy Protection Act of 2001 This law amends the Gramm-Leach-Bliley Act to provide enhanced protection of nonpublic personal information.
- Financial Institution Privacy Protection Act of 2003 This law amends the Gramm-Leach-Bliley Act to provide enhanced protection of nonpublic personal information.
- Health Insurance Portability and Accountability Act of 1996 (HIPAA) A U.S. federal law that provides rights and protections for participants and beneficiaries in group health plans.
- Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (Patriot Act) A U.S. federal law that expands the authority of U.S. law enforcement for the stated purpose of fighting terrorist acts in the United States and abroad.
In addition to these U.S. laws and regulations, the following regulations also specify requirements that may rely on journaling technology:
- European Union Data Protection Directive (EUDPD) This directive standardizes the protection of data privacy for citizens throughout the European Union (EU) by providing baseline requirements that all member states must achieve through national implementing legislation. The EUDPD influences privacy protections in other countries or regions because of the limitations that it puts on sending personal information outside the European Union. Ordinarily, the EUDPD allows such transmission only to areas that are deemed to have adequate standards for various items, including data security.
- Japan's Personal Information Protection Act A law promulgated by the Japanese government to regulate the collection, use, and transfer of personal information. The Personal Information Protection Act applies to government or private entities that collect, handle, or use personal information of 5,000 or more individuals.
The Journaling agent is a compliance-focused agent that you can configure to journal e-mail messages that are sent or received by departments or individuals in your Exchange 2007 organization, to and from recipients outside your organization, or both, for use in the organization's e-mail retention or archival strategy. Unlike in earlier versions of Exchange Server, Exchange 2007 provides the following two journaling options to meet your organization's requirements:
- Standard journaling Standard journaling enables the Journaling agent in Exchange 2007 to journal all messages that are sent to and from recipients and senders that are located on a specific mailbox database on a computer running the Mailbox server role. You must configure journaling individually on each mailbox database in your organization if you want to journal all messages to and from all recipients and senders. The following premium journaling features are not available with standard journaling:
- Per-recipient or distribution list journaling With standard journaling, you can only enable journaling on a per-mailbox database basis. All recipients and senders on a journaling-enabled mailbox database will be journaled.
- Journal rule scope All messages to and from recipients and senders on a journaling-enabled mailbox database are journaled.
- Journal rule replication Because standard journaling is applied on a per-mailbox database basis, this configuration cannot be replicated throughout the organization.
- Premium journaling Premium journaling enables the Journaling agent in Exchange 2007 to use rules that you configure to match the specific needs of your organization. You can create journal rules for a single mailbox recipient or for entire groups within your organization. To use premium journaling, you must have the Exchange Enterprise Client Access License (CAL). The following sections discuss the various attributes that you can configure to meet your organization's requirements.
Both standard and premium journaling use the Journaling agent located on Hub Transport servers. When you enable standard journaling on a mailbox database, this information is saved in the Active Directory directory service and is read by the Journaling agent. Journal rules configured with premium journaling are saved in a similar manner.
For more information about how to configure standard and premium journaling, see Managing Journal Rules.
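Because standard journaling is a per-database setting, an organization that wants every mailbox journaled has to set it on every database and keep checking that no database was missed. The following Exchange Management Shell example, added here and not part of the original topic, does both; the journaling mailbox address is an assumption for illustration.

```powershell
# Added example: enable standard journaling on every mailbox database and
# verify that none was left out. The journaling address is an assumption.

$journalMailbox = "journal@contoso.com"   # assumed address of the journaling mailbox

# Standard journaling is configured per database, so touch each one explicitly.
# Set-MailboxDatabase -JournalRecipient writes the setting to Active Directory,
# where the Journaling agent on the Hub Transport servers reads it.
Get-MailboxDatabase | ForEach-Object {
    Set-MailboxDatabase -Identity $_.Identity -JournalRecipient $journalMailbox
}

# Check: any database with an empty JournalRecipient is NOT being journaled.
# A newly created database comes without one, so run this after every
# database addition, not just once.
$unjournaled = Get-MailboxDatabase | Where-Object { $_.JournalRecipient -eq $null }
if ($unjournaled -ne $null) {
    Write-Warning "Databases without a journal recipient:"
    $unjournaled | Select-Object Identity, Server
}
else {
    Write-Output "All mailbox databases have a journal recipient."
}
```

The check at the end matters more than the loop: because the setting lives on the database object, a database created later starts out unjournaled, and nothing on the page's list of regulations is satisfied by a rule that silently stopped covering new users.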
The Scope of a Journal Rule - Premium Journaling Only
The scope of a journal rule defines how widely the journal rule looks for messages to journal. You can target the scope of a journal rule to Internal, External, or Global recipients. The following list describes these three scopes:
- Internal Journaling entries of the Internal scope process messages that are sent and received by recipients inside the Exchange 2007 organization.
- External Journaling entries of the External scope process messages that are sent to recipients or from senders outside the Exchange 2007 organization.
- Global Journaling entries of the Global scope process all messages that pass through a computer that has the Hub Transport server role installed. These include messages that may have already been processed by journal rules in the Internal and External scopes.
Journal Recipients - Premium Journaling Only
Besides implementing these three journaling scopes, the Journaling agent also lets you implement additional targeted journal rules by specifying Simple Mail Transfer Protocol (SMTP) addresses that belong to mailboxes, contacts, or distribution lists that you want to journal in your organization. By specifying a target recipient on a journal rule, you can target specific recipients for journaling. These recipients may be subject to the regulatory requirements that were described earlier in this topic, or they may be involved in legal proceedings where e-mail messages or other communications are collected as evidence. By targeting specific recipients or groups of recipients, you can easily configure a journaling environment that matches your organization's processes and regulatory and legal requirements.
When you target a recipient or a group of recipients (by specifying a distribution group) for journaling, all messages sent to or from those recipients are journaled. If you don't specify a recipient when you create the journal rule, all messages sent to or from recipients that match the journal rule scope are journaled.
Unified Messaging-Enabled Journal Recipients
Many organizations that implement journaling may also use Unified Messaging to consolidate their e-mail, voice mail, and fax infrastructure. However, you may not want the journaling process to generate journal reports for messages that are generated by Unified Messaging. In these cases, you can decide whether to journal voice mail messages and missed call notification messages that are handled by an Exchange 2007 Unified Messaging (UM) server or to skip such messages. If your organization doesn't require journaling of such messages, you can reduce the amount of hard disk space that is required to store journal reports by skipping such messages. When you enable or disable the journaling of voice mail messages and missed call notification messages, your change is applied to all Hub Transport servers in your organization.
|Messages that contain faxes that are generated by a UM server are always journaled, even if you configure a journal rule that specifies not to journal UM voice mail and missed call notification messages.|
For more information about how to enable or disable voice mail and missed call notification messages, see Managing Journal Rules.
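The preceding sections (scope, journal recipients, and the Unified Messaging switch) describe the settings of a premium journal rule one at a time. The following Exchange Management Shell example, added here and not taken from the original topic, puts them together: one rule that targets a client-facing group with the Global scope, one scope-only rule for external mail, and the organization-wide UM setting. Rule names, addresses, and the group are assumptions for illustration; the -VoicemailJournalingEnabled parameter of Set-TransportConfig is assumed to be present (it arrived with Exchange 2007 SP1).

```powershell
# Added example: premium journal rules using scope and a targeted recipient,
# plus the UM voice mail / missed call journaling switch. All names and
# addresses below are assumptions.

$journalMailbox = "journal@contoso.com"

# Per-recipient rule. Scope Global means every message the group's members
# send or receive is journaled, whether the other party is inside or outside
# the organization. Premium journaling (Enterprise CAL) is required.
New-JournalRule -Name "Brokers - all correspondence" `
    -Recipient "brokers@contoso.com" `
    -Scope Global `
    -JournalEmailAddress $journalMailbox `
    -Enabled $true

# Scope-only rule: no -Recipient, so every message that crosses the
# organization boundary matches, regardless of who sent or received it.
New-JournalRule -Name "External mail" `
    -Scope External `
    -JournalEmailAddress "journal-external@contoso.com" `
    -Enabled $true

# Do not journal UM voice mail and missed call notifications. This setting is
# organization-wide (applies to all Hub Transport servers); UM faxes are still
# journaled regardless of this value.
Set-TransportConfig -VoicemailJournalingEnabled $false

# Review what is now in effect. A rule whose Recipient column is empty relies
# on scope alone, which is easy to overlook when auditing coverage.
Get-JournalRule | Format-Table Name, Scope, Recipient, JournalEmailAddress, Enabled -AutoSize
Get-TransportConfig | Format-List VoicemailJournalingEnabled
```

Because journal rules are stored in Active Directory and read by every Hub Transport server, the two New-JournalRule calls take effect organization-wide once replication completes; the later section on journal rule replication covers the delay to expect.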
The journaling mailbox is a mailbox that is used only for collecting journal reports. How the journaling mailbox is configured depends on the organization's policies and regulatory and legal requirements. With Microsoft Exchange, you can create one journaling mailbox that you can use to collect messages for all the journal rules that are configured in the organization, or you can create journaling mailboxes for each journal rule. Also, you can configure multiple journal rules to use one journaling mailbox and other rules that each send journal reports to their own journaling mailboxes. The Journaling agent lets you decide how you configure your journaling environment.
|Journaling mailboxes contain very sensitive information. You must secure journaling mailboxes because they collect messages that are sent to and from recipients in your organization, and because these messages may be part of legal proceedings or may be subject to regulatory requirements. Various laws require that messages remain tamper-free before they are submitted to an investigatory authority. We recommend that your organization create policies that govern who can access the journaling mailboxes in your organization, limiting access to only those individuals who have a direct need to access them. Speak with your legal representatives to make sure that your journaling solution complies with all the laws and regulations that apply to your organization.|
For more information about how to configure the journaling mailbox, see Managing Journal Rules.
For more information about how Microsoft Exchange helps you protect journaling mailboxes, see "Protecting Journal Reports Sent Inside an Exchange Server 2007 Organization" section later in this topic.
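The note above says to restrict who can access journaling mailboxes but does not show what that looks like in practice. The following Exchange Management Shell example, added here and not part of the original topic, creates a dedicated journaling mailbox, hardens the settings that matter for a mailbox that only ever receives journal reports, and lists every explicit permission on it so the list can be compared against the access policy. The mailbox name, alias, database, and domain are assumptions for illustration.

```powershell
# Added example: create and lock down a dedicated journaling mailbox, then
# enumerate who can open it. Names, alias, database and domain are assumptions.

$alias    = "journal"
$database = "MBX01\JournalDB"       # assumed database reserved for journal reports
$upn      = "journal@contoso.com"

# Dedicated account for journal reports only. The password is prompted for
# so it never sits in a script or a shell history file.
New-Mailbox -Name "Journaling Mailbox" -Alias $alias -UserPrincipalName $upn `
    -Database $database `
    -Password (Read-Host -AsSecureString "Password for the journaling mailbox account")

# Keep it out of the address lists so users do not mail it by accident,
# refuse unauthenticated (Internet) senders so outsiders cannot inject
# look-alike "journal reports", and remove quotas so a full mailbox never
# causes journal reports to be rejected and a gap in the record.
Set-Mailbox -Identity $alias `
    -HiddenFromAddressListsEnabled $true `
    -RequireSenderAuthenticationEnabled $true `
    -ProhibitSendReceiveQuota unlimited `
    -ProhibitSendQuota unlimited `
    -IssueWarningQuota unlimited

# Who can open the mailbox? Explicit (non-inherited) grants other than SELF
# are the ones a human decided on; each needs a documented justification.
Write-Output "Explicit mailbox permissions on $alias :"
Get-MailboxPermission -Identity $alias |
    Where-Object { -not $_.IsInherited -and $_.User -notlike "NT AUTHORITY\SELF" } |
    Select-Object User, AccessRights, Deny

# Send-As on the journaling mailbox would let someone forge mail that appears
# to come from the compliance store; it should normally be empty.
Write-Output "Send-As grants on $alias :"
Get-ADPermission -Identity "Journaling Mailbox" |
    Where-Object { $_.ExtendedRights -like "Send-As" -and -not $_.IsInherited } |
    Select-Object User, Deny
```

Run the two permission listings on a schedule and diff them against the previous run; an unexpected Full Access or Send-As entry on a journaling mailbox is exactly the kind of change the note's tamper-free requirement is meant to catch.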
Journal Rule Replication - Premium Journaling Only
Journal rules that are configured on a Hub Transport server are applied to the whole Exchange 2007 organization. When you create a new journal rule or modify or delete an existing journal rule on a Hub Transport server, the change is replicated to all Active Directory servers in the organization. All the Hub Transport servers in the organization then read the new configuration from the Active Directory servers and apply the new or modified journal rules to messages that pass through the Hub Transport server. By replicating all the journal rules across the organization, Exchange 2007 enables you to provide a consistent set of journal rules across the organization. All messages that pass in or through your Exchange 2007 organization are subject to the same journal rules.
|Replication of journal rules across an organization is dependent on Active Directory replication. Replication time between Active Directory domain controllers varies depending on the number of sites in the organization and the speed of links and other factors outside the control of Microsoft Exchange. Consider replication delays when you implement journal rules in your organization. For more information about Active Directory replication, see Active Directory Replication Technologies.|
|Each Hub Transport server maintains a recipient cache that is used to look up recipient and distribution list information. The recipient cache reduces the number of requests that each Hub Transport server must make to an Active Directory domain controller. The recipient cache updates every four hours. You can't modify the recipient cache update interval. Therefore, changes to journal rule recipients, such as the addition or removal of distribution list members, may not be applied to journal rules until the recipient cache is updated. To force an immediate update of the recipient cache, you must stop and start the Microsoft Exchange Transport service. You must do this for each Hub Transport server where you want to forcibly update the recipient cache.|
|Each time that the Hub Transport server retrieves a new journal rule configuration, an event is logged in the Security log in Event Viewer.|
A journal report is the message that Microsoft Exchange generates when a message matches a journal rule and is to be submitted to the journaling mailbox. Exchange 2007 supports envelope journaling only. With envelope journaling, the original message that matches the journal rule is included unaltered as an attachment to the journal report. The body of a journal report contains the sender e-mail address, subject, message-ID, and recipient e-mail addresses contained within the original message.
It is possible to send journal reports to a distribution list. However, we do not recommend it, because it is a security risk: whenever a recipient is added to that distribution list, a copy of every journal report is delivered to the new member. If you do send journal reports to a distribution list, we recommend that you monitor the list's membership diligently so that journal reports are not sent to recipients who should not receive them.
|Sending journal reports to a distribution list is a security risk. We recommend that you do not send journal reports to a distribution list.|
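The warning above is easy to state and easy to violate later, when someone repoints a rule or a database at a group. The following Exchange Management Shell example, added here and not part of the original topic, walks every premium journal rule and every standard-journaling database, resolves the journal address, and flags any target that is a group (listing its current members, since each member receives every journal report) or that cannot be resolved at all. It reads configuration only and changes nothing; the function name is an assumption.

```powershell
# Added example: audit where journal reports are delivered. Flags targets that
# are distribution or security groups, or that do not resolve. Read-only.

function Test-JournalTarget {
    param([string]$Address, [string]$Source)

    # Resolve the journal address to a recipient object of any type.
    $target = Get-Recipient -Identity $Address -ErrorAction SilentlyContinue

    if ($target -eq $null) {
        # A journal target that no longer exists means journal reports are
        # NDR'd and the record has a hole in it.
        Write-Warning "$Source -> $Address : target cannot be resolved; journal reports will not be delivered"
    }
    elseif ($target.RecipientType -like "*Group") {
        # Covers MailUniversalDistributionGroup, MailUniversalSecurityGroup,
        # MailNonUniversalGroup and DynamicDistributionGroup.
        Write-Warning "$Source -> $Address : journal reports go to a group ($($target.RecipientType)); every member receives a copy"
        # Show the membership as it stands now. Remember that each Hub Transport
        # server's recipient cache refreshes every four hours, so a member added
        # recently may not yet receive reports, and one removed may still do so.
        Get-DistributionGroupMember -Identity $target.Identity -ErrorAction SilentlyContinue |
            Select-Object Name, RecipientType
    }
    else {
        Write-Output "$Source -> $Address : OK ($($target.RecipientType))"
    }
}

# Premium journaling: every journal rule names its own journal address.
Get-JournalRule | ForEach-Object {
    Test-JournalTarget -Address $_.JournalEmailAddress -Source "Rule '$($_.Name)'"
}

# Standard journaling: the journal recipient is set on the mailbox database.
Get-MailboxDatabase | Where-Object { $_.JournalRecipient -ne $null } | ForEach-Object {
    Test-JournalTarget -Address $_.JournalRecipient -Source "Database '$($_.Identity)'"
}
```

The membership listing is the useful part: a group target is not wrong by itself, but the list of people who currently receive a copy of every journaled message is what an auditor will ask for, and what the recipient cache note above says can lag reality by up to four hours.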
For more information about journal reports and how to manage and protect them, see the following topics:
Interoperability with Microsoft Exchange Server 2003
Exchange 2007 supports journaling in a mixed Exchange 2007 and Exchange 2003 organization. Exchange 2007 can read the Exchange 2003 journaling configuration that is present on Exchange 2003 mailbox databases and journal messages to either an Exchange 2003 or Exchange 2007 journaling mailbox.
Exchange 2003 can't read the journaling configuration that is used by Exchange 2007. However, Exchange 2007 stamps journaled messages and journal reports with properties that Exchange 2003 can read and understand. If a message has already been journaled by Exchange 2007 and the journal reports are sent to the same journaling mailbox, Exchange 2003 doesn't journal the message again. If a message is a journal report, Exchange 2003 treats the Exchange 2007 journal report as if it was an Exchange 2003 journal report.
For more information about journaling in a mixed organization, see Understanding Journaling in a Mixed Exchange 2003 and Exchange 2007 Environment.
Using Exchange Hosted Services
Journaling is enhanced by, and is also available as, a service from Microsoft Exchange Hosted Services. Exchange Hosted Services is a set of four distinct hosted services:
- Hosted Filtering, which helps organizations protect themselves from e-mail-borne malware
- Hosted Archive, which helps them satisfy retention requirements
- Hosted Encryption, which helps them encrypt data to preserve confidentiality
- Hosted Continuity, which helps them preserve access to e-mail during and after emergency situations
These services integrate with any on-premises Exchange servers that are managed in-house or Hosted Exchange e-mail services that are offered through service providers. For more information about Exchange Hosted Services, see Microsoft Exchange Hosted Services.