Forum Discussion

Scott Johnson's avatar
Scott Johnson
Brass Contributor
Jan 10, 2017
Solved

Jornalizing using Exchange Online

I understand that you can not utilize a EO email alias for Jornalizing, however TechNet says you canuse an alternate like Azure, does anyone have any good support docs that might direct me how to do ...
exchange online
  • VasilMichev's avatar
    VasilMichev
    Jan 10, 2017

    Exchange hosted in Azure is what they mean I guess. You can send it to any location, internet email services included, as long as it's OK with their license agreement/rules.

     

    Unless you have specific requirements to use Journaling, In-place/legal hold is the preferred method for preserving data in Exchange Online though.

AKIMF's avatar
AKIMF
Iron Contributor
Aug 22, 2019

The_Exchange_Team Scott Johnson 

We set up journaling with the mandatory external mail address, but are facing problems with the hoster's spf/dkim rules.

O365 will send all in- and outgoing mail to journaling@[external_mailhoster], but most ingoing mail (>70 %) will get rejected, when the original sender has a spf/dkim rule configured.

 

Original error message:

"[external_mailhoster_domain] couldn't confirm that your message was sent from a trusted location.

 

This error occurs when Sender Policy Framework (SPF) validation for the sender's domain fails. If you're the sender's email admin, make sure the SPF records for your domain at your domain registrar are set up correctly. Office 365 supports only one SPF record (a TXT record that defines SPF) for your domain. Include the following domain name: spf.protection.outlook.com. If you have a hybrid configuration (some mailboxes in the cloud, and some mailboxes on premises) or if you're an Exchange Online Protection standalone customer, add the outbound IP address of your on-premises servers to the TXT record.

For more information and instructions about configuring SPF records see https://technet.microsoft.com/library/dn789058(v=exchg.150).aspx and also https://support.office.com/article/External-Domain-Name-System-records-for-Office-365-c0531a6f-9e25-4f2d-ad0e-a70bfef09ac0#BKMK_SPFrecords."

 

We thought setting an SPF record for our o365 domain would be sufficient (like v=spf1 include:spf.protection.outlook.com -all) but what I understand now is the following:

 

Journaling:

Outgoing mail: o365-domain --> external_mailhoster

works fine

 

Incoming mail: e.g. "siemens.com" --> o365-domain --> external_mailhoster

SPF rule classifies journaling as spoofing, because external_mailhoster thinks, we are sending mails as "siemens.com".

 

Any idea anyone?

 

AKIMF's avatar
AKIMF
Iron Contributor
Oct 17, 2019

Bump.

spf/dkim rules vs. journaling

 

We still have no idea, how to get journaling done for every mail and without flooded admin mailboxes.

 

Any idea? The_Exchange_Team 

Resources