Flag messages sent to or received from an outside domain - Exchange 2007

I have had a request to copy all emails that are either sent by employees or received by employees to/from a particular domain.  In other words, on my exchange server, is there a way to flag incoming and outgoing messages that are all related to one particular domain name?  For example, if someone sends a message to an email @xyz.com, a copy of that message is automatically put into a mailbox or public folder.  The same would need to happen for any user receiving a message from an email address @xyz.com.  And to be clear, xyz.com would be an external domain.

Any thoughts on a server side rule that would actively monitor messages and pull out a copy or has anyone used some 3rd party software that might work for this?  Currently using Exchange 2007 sp3 on a Windows Server 2008 sp1 box.

Thanks,
ccmadminsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Larry Struckmeyer MVPCommented:
Not exactly what you want, but are you aware you can journal/archive all messages?
0
Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
Yes this is a easy solution...Transport Rule on your Hub server.    Example create a inbox called monitor-xyz, which you will want to hide from the GAL or you can create a non-descript inbox.     Now open Exchange Management Console -->  Org config -->  Hub Transport -->  Transport Rules.

Create a new rule and you can set your conditions like from address text patterns or message headers.    Then you have actions, so what do you want done with this message...sounds like you will want to use copy the message to address.    You would point the copy to monitor-xyz@yourdomain.com.       This is the easier and quickest solution in my mind.

Here is a good reference:  http://www.msexchange.org/tutorials/transport-rules-exchange-server-2007.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
apache09Commented:
This is exactly what MailMarshal Is Desgined to Do.
I would look into using MailMarshal if you dont already have it.

Not only can it do this but has many other useful functionalitys as well.

www.m86security.com/

I have posted the Site Address
However, it doesnt appear to be working at the moment.
(Of course May Be issue on My End)

0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Auric1983Commented:
A journaling rule is the best way to do it as EndureKona has suggested. You can then give management or whomever needs visibility into that mailbox read permissions et voila.

0
ccmadminsAuthor Commented:
I went ahead and started looking at a transport rule as suggested.  After a little bit of work and setting up a public folder to receive the messages, I can now get a copy of any message sent from a particular domain.  Along with setting public folder permissions, I can give access to certain managers easily to any message.  The problem is that I can't seem to make it work for messages sent to that domain.  Exchange doesn't have the same rule that I can apply for outbound messages like it does for an inbound message.  Any thoughts on how to make it work for message going both directions?
0
Rick FeeMessaging Engineer - Disaster Recovery EngineerCommented:
You can do something like messages sent outside  the org and set the message headers to look for xyz.com string.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.