Nov 27 2017 01:58 AM
We are legally obliged to archive all received emails. For that reason we configured a Journaling rule and mailbox in Exchange Online (Business Premium plan) in cooperation with a 3rd party software.
(We do not want to use Litigation Hold because a) Exchange Online Plan 2 is too expensive and b) using the web interface is tedious).
My problem is that if I send an email to a non-existing mailbox, Journaling does archive that email and also the NDR that is sent to the sender. I could live with the archival of the NDR, but if there is only the slightest typo in the mailbox address, it is extremely hard to actually see that an archived mail didn't reach our employee.
I need to configure the Journal mailbox in a way that it does not create/send journals for non-existing mailboxes. How?
Nov 27 2017 10:02 AM
I'm not aware of such functionality, and I don't see how it can be implemented, as the message will be saved to the Journaling mailbox upon submitting it to the transport pipeline, not upon receiving the SMTP response. Allowing such "writebacks" sort of defeats the purpose of journaling. Anyway. @Tony Redmond is much more experienced in the compliance area, he might have a better answer.
Nov 27 2017 10:12 AM
SolutionI don't see that this is possible. If you journal, you capture everything per the scope you set up. I suspect that you want New-JournalRule https://technet.microsoft.com/en-us/library/bb125242(v=exchg.160).aspx to have a different scope (like IgnoreServiceMessages), but some of those service messages are important to prove whether someone received a message, so I think it would be really difficult to come up with a rule that does what you want without fatally undermining the integrity of the journalling process.
Nov 27 2017 10:12 AM
SolutionI don't see that this is possible. If you journal, you capture everything per the scope you set up. I suspect that you want New-JournalRule https://technet.microsoft.com/en-us/library/bb125242(v=exchg.160).aspx to have a different scope (like IgnoreServiceMessages), but some of those service messages are important to prove whether someone received a message, so I think it would be really difficult to come up with a rule that does what you want without fatally undermining the integrity of the journalling process.