Why would you archive?
Both on-premises and in Office 365, Microsoft sets expectations to your users that they can have large mailboxes – but not many have the spare resources to follow their enterprise-focused architecture.
For many organizations in the small business and mid-size market, typically under 500 users either of these approaches aren’t a practical reality. Bandwidth is much more limited to the Internet, making the practicality of using such large mailboxes in Office 365 a little harder, and the typical implementations of Exchange Server will be single or dual-server implementations running on a virtual environment atop SAN storage. Large mailboxes aren’t practical, and often not desirable, and products like this are essential to give users what they need whilst lowering storage costs and managing PST files effectively.
And it is smaller environments that MailStore is aimed at, focusing primarily on the needs of SMBs. These same customers often chose to avoid increasing mailbox quota sizes when moving from older Exchange Server versions because the underlying SAN and backup software still has similar constraints, and although there might be more underlying space available, some of the great improvements in Exchange Server over the last ten years have also resulted in the potential for more space usage when comparing like for like – for example the removal of single instance storage and a move away from using clustered storage for high availability in favour of continuous replication, something that fortunately solutions like MailStore give you back.
And although MailStore is not a migration tool, for many moving to Office 365, archiving of data can make migration easier. Both the ingestion of data into Office 365 from a smaller organization with slower connections to the internet, and migration of data from common non-Exchange SMB platforms, like G Suite (formerly Google Apps), MDaemon and other third party IMAP servers.
To understand more about the reasons why you’d want to archive mail and clarify things a little, we’ve thought about a few use-cases that clearly outline where MailStore Server is appropriate for smaller to mid-size businesses:
- Expensive on-premises storage but growing mailbox sizes
- Compliance and eDiscovery
- Making restore of mail easier without needing to restore from traditional backups
- Archiving large amounts of data from a third-party mail server with a desire to make it accessible to users, but not keep it within Exchange
- Making it easier to move to Office 365 without a requirement to migrate vast amounts of mailbox data.
In addition to those, if you currently use an older version of MailStore Server and are looking towards a migration to Office 365 – it could be a no-brainer, given it remains compatible.
Setup and Installation
For our review, we’ve used a representative environment for a smaller to midsize business, including an Exchange Server 2016 implementation with Office 365 Hybrid configured, alongside Office 2016 clients deployed on Windows 10.
To support the MailStore environment, we’ll implement a single server, running Windows Server 2016 that will archive data from both Exchange Server 2016 and from Exchange Online.
MailStore provide a sizing guide that provides clear guidance for hardware requirements, starting from 4GB RAM plus sufficient CPU and disk space to support the implementation, with SATA-based storage suitable for most environments of up to around 250 users, with additional requirements for larger environments. Windows 2008 SP2 and Windows Vista SP2 through to Windows Server 2016 and Windows 10 are supported.
Before installation, pre-requisites are minimal, with the only requirement to ensure that Microsoft .NET Framework 4.5.1 is installed and available, with an optional requirement to install an IFilter driver to assist with file indexing.
After first login, we’re prompted to change the admin password, and then presented with the main MailStore Server application window’s Start Page. From here, we’ve got quick access to the product’s core features for archiving, search of email, export of email and tools for administration.
Under the hood of MailStore’s service configuration
Before we begin configuration of MailStore to connect to a specific service, we’ve got the opportunity to re-configure MailStore itself. If you are planning on storing a lot of data within the solution, this task will be essential, as you will likely need to use a separate storage volume to keep archived data.
The service configuration also exposes some of the more advanced functionality.
Of particular note is the IMAP interface into the service, which will be very comforting if you are looking to avoid product lock-in. Many competing products make it easy to archive data, but very difficult to get the data back out.
Having a standards compliant exit strategy like an IMAP interface is very welcome, and means you can utilize the service safe in the knowledge that if things changed, MailStore has helped you avoid product lock-in.
After examining any core service configuration, the next step is to configure directory service integration. This allows you to automatically synchronize the MailStore database with a directory and leverage Active Directory for Windows Authentication for simple user access.
Configuration of mail system sources
In an Office 365-only environment, you can synchronize directly with Azure AD; for a Hybrid environment, it was only necessary to sync AD. This required a directory service account to use, and allowed specification of a specific AD group for archived users. This was essential as you can only synchronize as many users as you have licences for.
After the directory service is configured the next step is to configure an email service to archive. Options are available for Google Apps/Gmail, MDaemon, Kero Connect, IceWarp Mail Server and other services – in addition of course to Microsoft Exchange. The option itself for Microsoft Exchange is used for both Office 365, and Exchange On-Premises.
When choosing to archive Microsoft Exchange server the option is available for a Single Mailbox, Multiple Mailboxes, Public Folders, and journaling. For the Journaling option – it’s worth noting that this will utilize a journal mailbox to extract email, so for Office 365 a third-party email system or Hybrid environment is required.
For an on-premises deployment, MailStore will detect the Exchange Server automatically. When creating an Office 365 policy you can specify – outlook.office365.com and appropriate credentials, and MailStore suggest it can also auto-detect the service address too.
For both scenarios, permissions must be granted to the account specified so that it can access data in other mailboxes and archive data. Full Access permissions and the Application Impersonation role are two examples of appropriate permissions that the account.
Next, it’s onto configuring the policy for archiving. Options are available for selecting the folders to target – either all folders, or a subset. A filter can be configured, as shown below to filter a unread messages and archive messages older than a certain date. In the example below, messages older than a month are archived.
Options are also available to delete messages, either immediately, after a period of time has elapsed after archiving or to leave messages in-place.
On the final pages of the wizard, mailboxes can be selected for archiving, alongside options for whether to automatically run the archiving in the background, or to only run archiving jobs on demand.
To test our example environment, which is running both on-premises Exchange Server 2016 and Office 365 Hybrid, policies are configured for both. Below both profiles are shown executing, archiving both environments simultaneously.
One of the key purposes of an archiving product like this is to ensure that data can be searched and found from an administrative point of view – for example to assist with a legal case in the future.
To ensure that data cannot be modified, we’ll firstly desire ensure to lock-down the ability of an administrator to modify data. With these controls in place, it would be typical to then delegate searches to a security officer; or to grant access to an administrator as and when required.
Within the Administrative Tools, a compliance section provides easy access to both areas of functionality. The Archive Access option has by default, blocked access by administrators to user’s archives. This is a welcome improvement to the product.
The Auditor Access option provides the ability to create a specific account for a security officer to use to access archive email, and view actions taken within the MailStore server environment:
After granting access, we’ll then test out the search and discovery functionality. After login as the auditor user account, the options presented allow for viewing of archives, and searching. It’s reasonably clear that the view presented works well.
The search functionality works, and is fast. A variety of terms can be used, along with the ability to search various metadata such as recipients, senders and subject, along with the ability to search the body and attachments of messages and apply fine grained filtering.
Searches can be saved, and the functionality meets the needs of most small to medium businesses. It’s simple and straightforward but has the flexibility where required.
One potential weakness with an archiving product is that it could potentially be possible for someone with access to the backups of the server, or the data files themselves, to retrieve mail and other confidential data.
MailStore server has through previous iterations supported encryption and these capabilities have been improved in version 10. MailStore server now encrypts the underlying databases which store metadata about messages (such as the subject or recipient), and associated audit trail.
By default the encryption recovery key is the product key used to licence the product. This is a known value by those who have been involved in the installation and setup of the service, and if lost makes it possible to recover data by contacting MailStore. For more security conscious customers the recovery key can be changed to a random value – which of course must be kept safe to ensure that the data can be recovered, should you move data to a new server or perform a complex recovery should a disaster strike.
The most important day-to-day aspect of the system is the experience users will have. Many competing products on the market have a poor reputation – especially those that “stub” messages, a process where the header remains in the inbox with a custom form attached. These often perform well and confuse users when they attempt to access a message they thought was in their inbox, only to find they don’t have access.
MailStore works differently in this respect and uses a web portal, and an Outlook plug-in. This makes a clear demarcation for end-users as to what to expect when attempting to access email, rather than opening a stub and waiting for something to go on behind the scenes to make the message appear.
After deploying the add-in to Outlook clients, the add-in is accessed via a dedicated tab in the Outlook ribbon. On first access this allows for configuration and can utilize the logged-on users credentials to avoid further prompts.
Message view is intended to be familiar to Outlook users. As shown below, the archive folder tree is shown above the message list, and the messages can be viewed by the user by scrolling and selecting.
For other clients, such as Mac users and mobile users, the web-based portal is available. Support is provided for major browsers in addition to Internet Explorer, including Safari 3 or higher, Google Chrome, Firefox, Opera 9, and browsers on iOS, Android, Windows Phone and Blackberry 7+ devices.
The browser experience mirrors the view within Outlook, with both using the same rendering engine and provides effectively a webmail style interface into the user’s archive. The mobile experience does not appear to be especially optimized for phones or tablets, but works well.
Pricing and Support
The pricing model for MailStore Server is on a per-user basis. This begins on a one-year model with support, starting around €14 per user for environments of around 400-500 but for smaller environments, can be as expensive as €59 per user, with subsequent years updates and support ranging from €3.23 to €13.61 respectively.
Those prices include the support for the product. For the product review, we are pleased to say we didn’t require much support, but the initial assistance with getting started was very helpful. The overall impression is that the right guidance can be given by MailStore to ensure the product is installed properly and maintained accordingly, a claim which is backed up by data provided to us showing in 2016, MailStore scored above 90% in all categories for product support.
There are customers, including some I have worked with who have held off moving to Office 365 and newer versions of Exchange primarily because of the risk of all email being off-site and potentially inaccessible over slow, unreliable links; or storage requirements ballooning version to version..
It certainly has a market and for the use cases it is designed for, it works well, and rarely among products in this category has great multi-platform support and is very easy to configure. If you need a product like this, it should be on your list.
MSExchange.org Rating 5/5