Transport Rule to BCC all mail to and from an external domain.

  • Thursday, November 05, 2009 10:38 PM, Jason_Benoit
     
    We picked up a client (xyz.com) that has a requirement for us to keep records of all the email to and from our Org (abc.com) to theirs. So I'm needing some help with creating a rule that will BCC every message from or to xyz.com to a mailbox. Exch 2k7 SP1

    1. Can this be done with one rule?

    2. What conditions would be needed? I was thinking "from users inside or outside" along with "when the message header contains text patterns". The reason I asked question 1. was because the condition "from users inside or outside" only allows an OR statement and not AND.

    3. What are the appropriate values that can be entered in the message header condition? Is this just like To, From, Message-ID etc?

    I don't have a test environment to implement this so forgive me for being overly cautious.

    Thanks in Advance,

    JB

All Replies

  • Friday, November 06, 2009 6:55 AM, Rajnish R Sharma
     
    I would suggest enabling journaling in this case. It will keep track of all the emails inbound and outbound in the domain. As soon as the mail is fired out or comes in, you get a copy of it. Also, if you want to journal the messages for one or two users, this can still be done in Exchange 2007.

    http://technet.microsoft.com/en-us/library/bb738122.aspx
    Raj
  • Friday, November 06, 2009 5:37 PM, Jason_Benoit
     

    Thanks for your response. Journaling was the first thing I looked at. However, I'm only interested in journaling all the email to and from a particular external domain. We have way too much traffic to journal ALL email. The Journaling documentation mentions that in order to Journal specific traffic, a DL, Contact, or User has to exist in the Org before it can be acted upon. It seems unreasonable to have to create Contacts for everyone from the XYZ.com domain in order to Journal this traffic.

    I read Amit's response at the end of this thread, which is what led me down the Transport rule path but of course generated my original questions.

    http://social.technet.microsoft.com/Forums/en-US/exchangesvrcompliance/thread/feb1b844-6514-4405-81b6-5f51342fa3eb

    Thanks.
    -JB
  • Friday, November 06, 2009 5:59 PM, Will Shepherd
     
    It sounds like your best option is to create a Transport rule using "when the From address contains xyz.com" and then BCC them to your Mailbox.

    Thanks

    Will
    Will Shepherd - MCSE/MCITP/MCTS (Windows 2008,Exchange 2007,OCS 2007)
  • Friday, November 06, 2009 7:47 PM, Jason_Benoit
     
    Wouldn't that just catch email from outside to inside, correct? I also need to BCC email that originates from inside TO: xyz.com
    I'm not seeing a condition for "when the TO address contains".

    Thanks,
    -JB
  • Friday, November 06, 2009 8:26 PM, Rajnish R Sharma
     Proposed Answer

    Jason, that's why my first option was to do the journaling. Actually, I was trying to reproduce this in my lab and was not able to do so, and the only option was journaling.


    Raj
  • Friday, November 06, 2009 9:13 PM, Jason_Benoit
     Answer
    This shouldn't be such a challenge.  All I want to do is look in every header for a string of @xyz.com and BCC it to a mailbox. I'm still testing this and so far it looks like I'm going to need 3 rules.

    When the header TO field contains xyz.com, BCC message to mailbox
    When the header FROM field contains xyz.com BCC message to mailbox
    When the header CC field contains xyz.com BCC message to mailbox

    Anyone see a better way to get this done?


    Thanks,
    -JB



  • Tuesday, November 17, 2009 7:09 AM, Mike Shen (MSFT, Moderator)
     
    Hi Jason,

    I think that currently, it is the best rule to bcc all messages to/from xyz domain.

    Thanks,
    Mike
  • Tuesday, November 24, 2009 3:23 PM, ScratchDuffer
     
    I need the exact same thing. The problem I am having is getting it to nab the domain only, such as with a wildcard.  The rule I have for outbound works for the SPECIFIC text and email addresses I have put in, but it isn't catching anything to just the domain.  I've tried *domain.com, *@domain.com but it doesn't catch it.  It would appear from the docs that wildcards work but it isn't for me :/

    Any luck here?  I can't set up journaling per se as the environment isn't monitored to have the mailbox exported to archive etc. every week or month :/  I just need a simple rule like yours.  Journalling is probably something to look at down the road....
  • Tuesday, November 24, 2009 5:38 PM, ScratchDuffer
     
    I just figured it out, I am not sure if it's a bug or not!?  But it is working now, and this box has SP2.

    My original rule had:

    first condition: from users inside the org
    second condition: and sent to users inside or outside the org
    third condition: message header TO (I am pretty sure capital letters count when working with message headers, or rather the exact copy of what a header displays for what you want to filter) with the text pattern of domain.com (no wildcard * needed for my tests).
    fourth condition: Bcc users x, y

    The SECOND CONDITION didn't work with just the domain but only with the specific email addresses I also had in the rule.  I removed the second condition as it is redundant really, and suddenly filtering any "domain.com" worked with anything I threw in front of it!

    It's odd that the filter was working with specifics for what I now say was a redundant condition and that it wouldn't grab anything headed for a domain outside of the specifics.
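
Added example, not posted by anyone in the thread: the three header rules described above (To, From, Cc containing xyz.com, each blind-copying to a mailbox), written for the Exchange 2007 Management Shell. The mailbox alias `xyz-archive` and the rule names are hypothetical; `xyz.com` is the thread's placeholder domain.

```powershell
# Added example; assumes a record-keeping mailbox with the hypothetical
# alias 'xyz-archive' already exists in the organization.
$domain = 'xyz.com'

foreach ($header in 'To', 'From', 'Cc') {
    # Condition: the named message header contains the partner domain.
    # No sender/recipient scope condition is combined with it, matching
    # the working rule described in the last post.
    $condition = Get-TransportRulePredicate HeaderContains
    $condition.MessageHeader = $header
    $condition.Words = @($domain)

    # Action: blind-copy the message to the record-keeping mailbox.
    $action = Get-TransportRuleAction BlindCopyTo
    $action.Addresses = @((Get-Mailbox 'xyz-archive'))

    # Create the rule disabled so it can be reviewed before it
    # touches production mail flow.
    New-TransportRule -Name "BCC $domain ($header header)" `
        -Conditions @($condition) `
        -Actions @($action) `
        -Enabled $false
}

# Review what was created, then enable each rule once it looks right.
Get-TransportRule |
    Where-Object { $_.Name -like "BCC $domain*" } |
    Format-List Name, Conditions, Actions

# Enable-TransportRule "BCC xyz.com (To header)"
```

Header conditions only see addresses that appear in the message headers, so a message that reaches an xyz.com recipient solely through the sender's Bcc field matches none of the three rules.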