How do I set up email archiving on Office 365? – MirrorWeb

Click here for an interactive version of this guide.

To configure your Office 365 tenant for email archiving, you must create a Journaling Rule, then create a Connector and Transport Rule for this journal address. This guide walks you through archiving your entire tenant for email archiving which will capture all users/email addresses on your tenant. If you require only selected users/email addresses to be archived please refer to the guide here.

By the end of this guide, you will have:

Configured email archiving on your Office 365 account for all users within your tenant.

Prerequisites

Before starting this guide, please ensure that you have the following information:

You must be an administrator on your Office 365 tenant. If you are not an Office 365 administrator, please send this guide to a member of your IT staff with the correct privileges.
You must have received a journal feed address (JFA) for email archiving from your Client Onboarding Specialist. This will be in the format xxx@us.mirrorwebmail.com. If you have not received a journal feed address, please contact our onboarding team at onboarding@mirrorweb.com.

Create a Journal Rule

Open your Microsoft Purview Portal. In the left-hand navigation bar, navigate to Settings.
Select Data lifecycle management, then Exchange (legacy).
Choose an Undeliverable report address – this is used and is required for if archiving ever fails. This sends a report of the message and why it was blocked. The email address you choose must be outside of your domain.
Select Solutions, in the left hand navigation bar then Data lifecycle management.
Click Exchange (legacy) then Journal rules.
Click Add New Rule.
Copy the Journal Feed Address provided by your Client Onboarding Specialist, and paste it into the Send Journal Reports to field. This address will be in the format xxx@us.mirrorwebmail.com.
- Within the Journal Rule, enter ‘MirrorWeb Archiving’ as the journal rule’s name.
- For Journal messages sent or received from, select Everyone.
- For Type of message to journal, select All Messages.
  
  Once complete, click Next – then Submit.

Create a Connector for Journaled Mail
A connector and transport rule that we are setting up now, add additional specific mail flow conditions for journaled emails. This ensures they get delivered to a specific outbound or inbound relay in case data needs to bypass any encryption or threat filters.

Open the New Exchange Admin Centre (EAC).
Navigate to the Mail Flow -> Connectors tab.
Click + to create a new connector. The New connector screen appears.
Under Connection from, choose Office 365.
Under Connection to, choose Partner Organization.
Click Next. The Connector name screen appears.
Call the new connector "MirrorWeb Insight", and optionally set a description.
Under What do you want to do after connector is saved, ensure "Turn it on" is checked.
Click Next. The Use of connector screen appears.
On the Use of connector screen, select "Only when I have a transport rule set up that redirects messages to this connector".
Click Next. The Routing screen appears.
Under Routing, select "Use the MX record associated with the partner's domain".
Click Next. The Security restrictions screen appears.
Leave the contents of the Security restrictions screen as default, and click Next. The Review connector screen appears.
Under Validate email, enter the Journal Feed Address that you have been provided by your Client Onboarding Specialist, then click the + button to add this address to the validation request.
Click Validate. The validation process starts. Occasionally, the validation process may fail: however, the journal feed connector is still suitable for use - click "Yes, proceed" on the panel that appears after step 17.
Once the validation process has occurred, click Next. The Review connector screen appears.
After reviewing the settings, and click Create connector. The connector is now ready for use.

Create a Transport Rule for Journaled Mail

Open the New Exchange Admin Centre (EAC).
Navigate to the Mail flow -> Rules tab.
Click + Add a rule, and then "Create a new rule" in the dropdown that appears. The Set rule conditions screen appears.
Under Name, enter "MirrorWeb Insight".
Under Apply this rule if, select The recipient in the first dropdown, and then "domain is" in the second dropdown that appears.
In the specify domain panel that appears, enterus.mirrorwebmail.com in the text field, then click Add. Then, click Save at the bottom of the screen.
Under Do the following, select Redirect the message to in the first dropdown, and then "the following connector" in the second dropdown that appears.
In the select connector panel that appears, select MirrorWeb Insight and click Save.
Once the above settings have been configured, the rule conditions should appear like the image below. If the rule is configured correctly, click Next. The Set rule settings screen appears.
Under Severity, ensure that "Not specified" is selected on the dropdown.
If you have no other mail rules that require running as part the archive process, ensure the Stop processing more rules is checked. This will be the case for the majority of archive use-cases.
Under Match sender address in message, ensure "Header" is selected on the dropdown.
Click Next. The Review and finish screen appears.
On the Review and finish screen, review the configuration to ensure that it matches the image below. If it does, click Finish. The priority number may differ depending on your EAC configuration - we will change this in the next step.
On the Rules screen, click the MirrorWeb Insight rule that you have just created.
In the MirrorWeb Insight panel that appears from the right-hand side, slide the toggle so that the rule is enabled & await the Rule status to update successfully.
Click Edit rule settings.
Under Priority, change the value to 0.
Configuring email archiving on Office 365 is now complete. Please contact your Onboarding Engineer to continue the MirrorWeb onboarding process.