Zimbra Archiving and Discovery is an optional feature that enables archiving of messages that were delivered to or sent by {product-name} and to search across mailboxes.
The installation of the archiving feature provides the {product-abbrev} discovery tool (also known as cross mailbox search) and sets the attributes that allow archiving to be enabled on the Zimbra MTAs.
Archiving is configured on a per account basis. Each account enabled for archiving requires a Zimbra archive license. When archiving is enabled for an account, a copy of all email from or to that account is forked at the MTA and a copy of the message is delivered to a predefined archive mailbox. The archiving process is transparent to account users.
Discovery allows you to conduct a search for email messages across live and archived mailboxes and copy the results to a specified mailbox.
When a message is sent or received by a user, the message is always routed through the Postfix MTA. The Postfix MTA allows integrating software that can perform actions on messages that are in flight. When archiving is enabled for the sender or the recipient of messages, Zimbra Archiving integrates with an MTA hook and the Amavisd-New utility to fork a copy of the message.
The “does recipient or sender have archiving enabled” check is performed on the SMTP standard envelope and not on the From or To/Cc headers. Since checks are performed on the envelope, Bcc copies and messages sent to distribution lists are captured.
For example, if User A sends a message to User B, and if User B has archiving enabled, the MTA delivers two messages — one to User B’s mailbox and one to User B’s archive mailbox. The message received in User B’s mailbox looks normal, as shown in the following example:
Received: from localhost (localhost.localdomain [127.0.0.1])… From: [email protected] To:[email protected] Subject: New License Key Message-ID: <015f01c717fe$70f042d1$b1d6f61d@thom> Date: Mon, 04 Nov 2021 23:48:18 -0000 Hi B, Can you send me the license key for the software again? Thanks, A
The message received in User B’s archive mailbox contains additional X-Envelope-From and X-Envelope-To headers. These headers show the real email address the message was sent from and each of the email addresses that the message was sent to.
Received: from localhost (localhost.localdomain [127.0.0.1])… From: [email protected] To:[email protected] Subject: New License Key Message-ID: <015f01c717fe$70f042d1$b1d6f61d@thom> X-Envelope-From: [email protected] X-Envelope-To: [email protected] Date: Mon, 04 Nov 2021 23:48:18 -0000 Hi B, Can you send me the license key for the software again? Thanks, A
Zimbra archiving can be set up to create archiving accounts that are maintained within {product-name} or to work with third-party archiving systems using SMTP forwarding to send messages to a third-party archive server. For third-party archiving, {product-name} is configured to act as the forwarding agent.
The discovery feature of Archiving and Discovery is used to search across live* and archive mailboxes for email messages and attachments. The discovery tool can be run from the Administration Console and the results are copied to a target mailbox that you specify.
* A live mailbox is an account on the system other than archive accounts and system accounts.
You can search outgoing and incoming email by date, from, to, cc, subject, keywords, and attachments. You can also create queries to search by name, dates and time ranges, distribution list, aliases.
Search results are placed in a target mailbox. You can organize your search results by creating different target mailboxes or by creating individual folders within a target mailbox for each search you run. X-zimbra-Source header information is added to each message header that is copied to the targeted mailbox. This header label includes the account ID, the account name, and the server that the account resides on.
You can see the results of the search by logging on to the target mailbox address.
You can install the archiving package on an existing single-server deployment or on a multi-server deployment.
If the mailbox server and the MTA server reside on the same node, you
configure and enable archiving as a single process. If your mailbox and MTA
servers are on separate nodes, the zimbra-archive package is installed
first on at least one mailbox server and then the archiving component is
enabled on each MTA in the deployment.
The following scenario assumes that the LDAP, MTA, mailstore and archiving servers are on the same node.
-
Refer to the {product-name} Single Server Installation Guide to open an SSH connection to the {product-name} server. Log on to the server as root and run the
./install.shcommand to begin the upgrade process. -
Accept the license agreement and type Yes to run the upgrade.
-
Type Yes for
zimbra-archivingwhen presented with the packages to be installed.
The upgrade process begins and the archiving package is installed. At this point, the Discovery feature is installed and can be used.
To enable archiving, switch to the zimbra user and enable archiving on the MTA server.
zmprov ms <zmhostname> +zimbraServiceEnabled archivingRestart the server.
zmcontrol restartThe following upgrade scenario is adding a new server that is dedicated as an archiving server to your {product-name} environment.
Before beginning the install process, record the following information.
You need this information when you install the archiving server. Run the
zmlocalconfig -s command to find the information.
LDAP Admin Password _____________________ LDAP Hostname _____________________ LDAP Port _____________________
Refer to the Multiple-Server Installation chapter in the {product-name} Multi-Server Installation guide for detailed steps on installing the packages.
-
Open an SSH connection to the mailbox server that is being configured for archiving. Log on to the server as root and unpack the Zimbra software. Run the
./install.shcommand to begin the install process. -
Type y and press Enter to install the following packages:
-
zimbra-store -
zimbra-archivingThe
zimbra-corepackage is installed by default.
-
-
Type y and press Enter to modify the system.
-
The Main menu displays the default entries for the Zimbra component you are installing. To expand the menu, type x and press Enter.
-
Select the Common Configuration menu and configure the LDAP Hostname, LDAP password, and LDAP port.
-
Select the zimbra-store menu and configure the Admin password and the License file location.
Complete the installation process following the steps in the Multi-server Installation guide, under Installing Zimbra Mailbox Server.
At this point, the Discovery feature is installed and can be used.
After Archiving is installed, you can set up archiving and manage it from the Administration Console.
- Admin Console:
-
Home → Configure → Global Settings → MTA, from Archiving Configuration check Enable archiving
Restart {product-abbrev} from the command line
zmcontrol restartYou can configure attributes in the COS to set mailbox features, quotas, and passwords, turn off spam and virus checks, and hide the archive accounts from GAL.
- Admin Console:
-
Home → Configure → Class of Service, from the Gear icon select New
-
Change Features and Preferences as required for an Archiving COS.
-
If you have a dedicated archive server, in the Server Pool page, deselect the archiver server from the list. In a multi-server deployment with a dedicated archive server, the server should be removed from the COS server pool so that the archive server is not randomly assigned to new accounts.
NoteThese steps to remove the server from the server pool are not done in a single-server deployment. Creating a dedicated archiving COS is a good idea as this makes it easy to create archive mailboxes that are configured the same. -
Modify the options on the Advanced page if required.
-
In the Archiving page, check the Enable archiving box to make this COS an archiving cos.
-
If you want to change the format for the naming scheme for archive accounts, modify the two template fields. See the Setting Up an Archive Account Name section for more information.
-
Click Finish.
-
You use attributes to create and manage the naming scheme for archive accounts. You can set up these attributes either by COS or by account. For COS, these attributes can be changed from the Administration Console, COS or individual account’s Archiving page.
-
Account date template. Sets the date format used in the name template. The default is
yyyyMMdd. Adding the date to the account name makes it easier to roll off older data from the system to backups. -
Account name template. Sets up how the archive mailbox name is created. The default value is
${USER} ${DATE}@${DOMAIN}.archive.
The archive account address would be similar to the following example:
If you change the default value, you must use syntax that creates a valid
email address. We recommend that you add .archive to all archive accounts
to create archive mailboxes in a non-routable domain to prevent spoofing of
the archives.
When the template based on the zimbraArchiveAccountDateTemplate attribute
is set up, amavisArchiveQuarantineAccount is updated to the new template
name when zmconfigarchive is run.
The amavisd-new server process controls account archiving as well as
antivirus and anti-spam processes. The zmarchivectl command can be used to
start, stop, restart or obtain the status of the amavisd-new server process
that controls account archiving. Caution should be taken when starting or
stopping the archiving process as it is a shared server process between
archiving, antivirus, and anti-spam processes. Performing actions on any of
them affect any of the other services that may be enabled in your
deployment.
If you want to disable archiving but not antivirus or anti-spam services, disable the respective service either through the CLI or through the Administration Console.
Four attributes are related to the archive feature for accounts. Two that configure a mailbox and two template attributes to construct the archive account names.
To set up archiving for a mailbox two attributes are configured on the primary user’s mailbox. One attributed enables archiving and the second shows where messages are being archived.
-
Currently archived to — The current archive address. Archiving is to a single account. If this is unset, archiving is not enabled.
-
Archived accounts — Any previous and current archive addresses that this mailbox was archived to. containing all the accounts that have been archived for the given account.
You can create an archive mailbox with or without an assigned COS. You can also forward archive email to a third-party.
|
Note
|
Accounts with archiving enabled are counted against the number of
Zimbra licenses purchased for archiving. Archive mailboxes are listed
in the Administration Console along with the live accounts. To see
current license information, go to the Administration Console: Home → Configure → Global Settings → License. |
Archive accounts are created based on the Zimbra Archive name templates.
-
The attribute —
zimbraIsSystemResource— is added to the archive account and set to TRUE. -
The archive account is displayed in the Administration Console.
-
When a message is received in a mailbox with archiving enabled, a copy of the message is sent to the archive mailbox.
Log on as zimbra, and use the zmarchiveconfig command:
zmarchiveconfig enable <[email protected]> archive-cos <archive>If the archive account is not assigned a COS, the following settings are set by default.
-
Mailbox quota is set to 0, unlimited quota.
-
Spam and virus checks are disabled.
-
Hide in GAL is enabled, so the archive account does not display in the GAL
Log on as zimbra, and use the zmarchiveconfig command:
zmarchiveconfig enable <[email protected]>If the archive account is not maintained within {product-name}, you do not need to set a password, COS, or other attributes.
Log on as zimbra, and use the zmarchiveconfig command:
zmarchiveconfig enable <[email protected]> \
archive-address [email protected] \
archive-create falseWhen the archiving and discovery feature is installed, you can search across mailboxes either from the Administration Console or through the command line interface.
|
Note
|
You do not need to have any archive mailboxes configured to search across mailboxes, but the Archive package must be installed. |
You can assign a user to run the mailbox searches from the Administration Console by creating a delegated administrator with rights to access the mailbox search tool.
The discovery tool, Search Mail, is added to Tools and Migration on the Navigation pane when the archiving package is added. To set up a cross-mailbox search you configure the following information.
- Admin Console:
-
Home → Tools and Migration → Search Mail, from the Gear icon select New
-
Server name. The server name to be searched.
-
Target mailbox and folders. One target mailbox and folder are created automatically. You can use this mailbox for all your search results and create new folders for each search, or you can create a new target mailbox for each separate search.
A target mailbox is like any other mailbox and can have any features or preferences that are defined by the COS or by account. Target mailboxes are listed in the Administration Console Accounts list. You might want to give the target mailboxes account names that identify them as target mailboxes for cross-mailbox searches and configure a COS specific for target mailboxes to be able to manage access.
-
Limit the number of messages returned by the search. The default is 500 results.
-
You can select to send an email notification when the search is completed. The email notification includes the search task ID and status on the subject line and you can specify the type of information to include in the message, such as the number of messages found, the list of addresses resulting from the search and the search query used.
-
Select which mailboxes to search. When you check Select accounts to search, you select which account addresses to search.
-
Create the search query. You can search outgoing and incoming email by date, from, to, cc, subject, keywords, and attachments. Advanced can be used to quickly create a query to search by name, dates and time ranges, distribution list, aliases.
When searching archive messages, you can search by the envelope address using the envfrom and envto query language extensions.
-
As the search runs, the Search Mailbox Content pane lists the search and the status. Click Refresh to update this page.
Delete the search task when it is completed because it occupies server memory. When the server is restarted, past searches are deleted.
When you use the discovery feature in the Administration Console, the tool makes copies of messages in the target mailbox you create. The messages occupy server space, increasing the size of your server. You might want to delete these messages from the target mailbox when they are no longer needed.