Requirements
- This feature is only available on the following packages:
- Professional
- Professional+
- The account setting up archiving must have global administrator rights
- For Exchange 2016, it is recommended to create an alternate journaling mailbox beforehand just in case any issues arise with the SMTP connection.
Enable Archiving in Proofpoint
Log into the Proofpoint portal that matches your tenant's region.
- US: https://constantedge1.proofpointessentials.com/
- EU: https://constantedge.proofpointessentials.com/
Navigate to Account Management > Features, then verify that the "enable email archive" box is checked. If this isn't currently enabled, then check this box and click Save at the bottom of the page.
Once this feature is enabled, a new Archiving option will appear in the top-left corner of the Proofpoint portal.
Configure Exchange Connection in Archive
Click the new Archive option to the left, then hover over the bar with icons on the left side of the new page. From here, navigate to Data Management > Connections:
In the top right corner of the Connections page, click on Add Connection:
Under Description, enter a name such as Exchange. Set the connection type to SMTP (Local Exchange 2013+).
Fill in the IP address(es) for your sending servers on Exchange. Multiple IPs or CIDR ranges can be separated by commas.
Once this information is filled in, click Next. Copy down the SMTP address that Proofpoint provides here, as it will be needed later. (This address will end with "us.earchive.cloud" if you are a US customer or "eu.earchive.cloud" if you are an EU customer.)
Click Done at the bottom of the page when finished. This SMTP address can be viewed again later if needed by editing the connection.
Create External Contact
Remote Journaling should be enabled directly to a Proofpoint Essentials SMTP contact, not by using the forwarding rule.
- In the Exchange Admin Center, navigate to Recipients > Contacts.
- Click + then Mail Contact.
- Enter a first name (e.g. SMTP), last name (e.g. Connection), display name (e.g. SMTP Connection), name (e.g. SMTP Connection), and alias (e.g. Journaling).
- in the External email address field, enter the email address of the SMTP address provided when you created a connection in Proofpoint Essentials (e.g. [email protected] or [email protected]).
- Click Browse and select the desired Organization unit.
- Click Save.
Create Archive Send Connector
Log into the Exchange Admin Center, then navigate to Mail Flow > Send Connectors
From here, build a send connector with the following structure:
- Set a name such as "Proofpoint Archive Connector"
- Tick the "Turn it on" checkbox
- For Type, select Custom, then click Next.
- Under Network settings select MX record associated with recipient domain, then click Next.
- Click + to edit Address space.
- Set Type to SMTP.
- For Full Qualified domain name (FQDN): enter *.earchive.cloud.
- Set Cost field to 1.
- Click Save, then Next.
- Click + to edit Source server.
- Select the transport server(s) that will be associated with the connector.
- Click Add, then OK, then Finish.
Once the send connector is created, make the following changes to the send connector properties:
- Click Edit (pencil icon)
- Change Maximum send message size to unlimited
- By default, there is a size limit of 35mb
Configure Journaling
- In the Exchange Admin Center, click Compliance Management (in the list on the left).
- Click the Journal Rules tab.
- Add a new journal rule by clicking +.
- In the Send journal reports to field, enter the email address of the journaling mailbox created when you added an SMTP connection in Proofpoint Essentials (e.g. [email protected]).
- Enter a descriptive Name for the rule.
- From the If the message it sent to or received from... list, select Apply to all messages.
- From the Journal the following messages... list, select All messages.
- Click Save.
Choosing An Alternate Journaling Mailbox (Exchange 2016 Only)
It is recommended that you specify an alternate journaling mailbox in case the SMTP connection stops accepting traffic. You can then create an IMAP connection to collect any messages that were not sent via SMTP.
- In the Exchange Admin Center, click Compliance Management (in the list of the left)
- Click the Journal Rules tab.
- Click Select Address next to Send undeliverable journal reports to.
- In the NDR for undeliverable journal reports window that opens, click Browse.
- Select a mailbox in the dialog box and click OK.
- Click Save.
Set Archive Permissions
Log back into Proofpoint as an organization admin (logging in with the same domain that this Proofpoint tenant is using). Using a channel admin account that a partner might use to view the settings of their customers will not work for this.
Click the Archive Tab, then in the Archive UI, click Users on the left.
Search for whichever user(s) should be able to search through the archive. Click on the three dots next to their email address on the right, then click "Manage Permissions."
To allow this user to search the archive, enable the option for Discovery User.
- The "administrator" option will give this user permission to edit settings such as retention policies, connections, etc.
- You may grant a Discovery User permission to search the archive for either everyone's mail or only specific mailboxes
When finished, click Save. Any account set as a Discovery User should now be able to search though and interact with the data in the Proofpoint email archives.