Journaling is the process of passing a copy of every new email that is sent or received on any mailbox in Google Workspace. The process is performed in a secure way, with BCC copies delivered to ArcTitan using the SMTP protocol.
There are two parts to setting up a journaling for Google Workspace:
Create an SMTP Route to the Archive, which determines how the journal flows to the ArcTitan archive.
Create a Journaling Rule for Google Workspace, which determines the scope of the mail to copy to the ArcTitan archive.
Before you can set up Journaling Rules, you must ensure that Google Workspace can deliver mail to the Archive. Note, however, that this may be optional, based on the following:
If your Outbound mail is routed via a third-party anti-malware service, then you may need to re-route the Journal flow to avoid this service and go direct to the archive instead.
To create a route to the ArcTitan host, do the following:
-
Open your Google Workspace Admin console, and select Apps > Google Workspace > Gmail.
-
Open the Hosts section and select Add Route. In the window that opens, enter the following:
Name: Enter archive.cryoserver.cloud, which is the email domain taken from the Journal Email Address for Cryoserver (ArcTitan?)
Single Host: Under Single Host, enter the DNS name for the SMTP receiving service, which is archive.cryoserver.cloud (?). For the required port, enter 25.
-
Options: The recommended options are selected by default and do not need to be changed:
Require mail to be transmitted via a secure (TLS) connection (Recommended)
Require CA signed certificate (Recommended)
Validate certificate hostname (Recommended)
-
Select Save. Now, emails addressed to this host name will route to the specified server.
The journal email address appears as: acompany@archive.cryoserver.cloud
The route details are:
Name: archive.cryoserver.cloud
Single Host: smtp.archive.cryoserver.cloud/25
TLS: Set the CA certificate option according to the instructions for your archive service.
To test that the SMTP route has been created successfully, send an email from a mailbox in your Google Workspace to the ArcTitan journal email address. You should receive confirmation from ArcTitan that it has received an email, and you should be able to search for it.
After you have created an SMTP Route, you'll need to determine the scope of the mail to copy to the archive, and create a journaling rule. There are several ways to journal; however, Google Workspace only supports Blind Copy style Journaling. The Blind Copy style means a copy of each email is routed to an external endpoint, which is ArcTitan. A Blind Copy rule can be created for every email sent or just for specific email accounts.
Note
With Blind Copy style Journaling, the archive copy is not informed of any other BCC recipients on the sent emails or BCC recipients of this workspace’s domains. It doesn't indicate the actual recipients for emails sent to distribution groups. Nor does it indicate who the recipient is when there there is an auto-forward rule.
You'll be sent an email address to which Journal Mail should be sent, which has the following format:
where “archive.fcstitanhq.cloud” may match the URL hostname that you use to access the Web of the archive service. (for example, https://archive.fcstitanhq.cloud/.../acompany).
-
Open your Google Workspace Admin console, and select Apps > Google Workspace > Gmail.
-
Scroll down to Routing and select that section. Then select Configure:
-
In the window that opens, do the following for the areas that are highlighted:
Enter a meaningful name, such as Journaling to ArcTitan.
Select all the checkboxes in Email messages to affect: which are Inbound, Outbound, Internal - Sending, Internal - Receiving.
-
Under Also deliver to, select Add more recipients, and then Add.
-
Enter the Arctitan Journal Email Address that you were given, which appears as: acompany@archive.fcstitanhq.cloud. Select Save.
You added the email address under Basic settings, so now it's necessary to go to Advanced Options and make an additional selection.
-
Select Edit.
-
In the next window, select Advanced from the dropdown arrow. Scroll down and under Headers, select the Add X-Gm-Original-To header checkbox. By selecting this option, additional recipient details are included in the headers of the emails that are sent to the archive. These details are not included in the emails received by the recipients.
-
Select Save. The details of the Journaling Rule appear as follows:
After you have set up the journaling rule, you can verify it by creating and sending emails and ensuring that they are copied to the new journal mailbox. It is recommended that testing being performed using multiple combinations based on sender/recipient, internal and external. Some suggestions are that emails be sent:
Internally: To; To/CC/BCC; to a distribution group
From internal to external: To/CC/BCC
From internal to both external and internal
From external to internal
Versions of Messages that are Journaled
Inbound messages: The version of the message received by the user is the one journaled. For example, if a content compliance policy triggers and strips the attachment, the journal copy won’t have the attachment.
Outbound messages: The version of the message sent by the user is journaled. For example, if a content compliance policy triggers and strips the attachment, the journal copy would retain the attachment.
Internal messages: For messages sent within your domain, acts like an inbound message for the recipient and an outbound message for the sender.
Messages Sent to Admin Quarantines
Inbound messages: If an inbound message is sent to admin quarantines, the journal copy isn’t sent until the message is released from the quarantine. If a quarantined message is denied, the user never sees the message and therefore it’s not archived.
Outbound messages: If an outbound message is sent to admin quarantines, a journal copy is sent when the user clicks Send, irrespective of whether the message is quarantined.
Messages with Multiple Recipients
Sometimes when a message is sent to multiple recipients, one group can receive a different version of the messages due to compliance or routing policies.
Inbound messages: A separate journal copy with the relevant message version is sent corresponding to each recipient. To determine whether multiple recipients received the same message, the archiving solution should use deduplication logic.
Outbound messages: A single copy sent by the sender is journaled.
Internal messages: Internal recipients will remain on the message. Although some internal recipients may not actually get the message due to content compliance or other policies, delivery to some or all recipients is captured.
Messages with Unrecognized Recipients
Journals aren’t sent for messages received for unrecognized recipients. To journal for a particular user, the user must be registered.
Retry mechanism for SMTP failure codes
If a message isn’t successfully delivered to the journal address and the Simple Mail Transfer Protocol (SMTP) host returns a temporary error (4xx), Gmail tries to resend the message for eight days. If the SMTP host returns a permanent error (5xx), Gmail does not try to resend the message.