There are many applications for implementing central email archiving features for Exchange servers, which is obligatory in some countries. Unfortunately, most of them can become quite expensive with growing user counts.
But there is one free and open source solution available which works stable, has all needed features and a user-friendly web interface: Piler
Installation and configuration
A good start is the ready-to-use VM appliance. You can also convert it to Hyper-V VHD(x) format, e.g. with VirtualBox.
If you use Microsoft Exchange Server, you might also have to modify /var/piler/www/config-site.php. Add:
$config['REWRITE_MESSAGE_ID'] = 1;
Otherwise Piler could recognize false duplicates.
Note: Never edit config.php! If you need to change values, copy them from there and paste/modify them in config-site.php.
You might also have to edit /etc/resolv.conf and /etc/network/interfaces to fit your network environment and DNS.
Configure your timezone using SSH console command “dpkg-reconfigure tzdata”.
Proceed with the official documentation. This PDF can also be useful.
To make Exchange send a copy of every incoming and outgoing mail to Piler, you have to modify some settings in the Exchange console. The documentation includes some ways to do this.
- Add a new contact ([email protected])
- New Journaling rule, where you can tell Exchange to explicitly not archive internal mails, but incoming + outgoing.
- New Organization configuration -> Hub Transport -> SMTP connector for yourPilerHostname.local.
Active Directory / LDAP binding
Binding Piler users to your AD always makes sense. Every user can then log into Piler and view the personal archive (with only read permissions).
Your config-site.php configuration regarding LDAP could look like the following one, but also have a look at the documentation.
$config['ENABLE_LDAP_AUTH'] = 1;
$config['LDAP_HOST'] = 'maindc.yourdomain.local';
$config['LDAP_HELPER_DN'] = 'cn=ldap,cn=Users,dc=yourdomain,dc=local';
$config['LDAP_HELPER_PASSWORD'] = 'ldapPw';
//$config['LDAP_MAIL_ATTR'] = 'mail';
$config['LDAP_AUDITOR_MEMBER_DN'] = '';
$config['LDAP_ADMIN_MEMBER_DN'] = '';
$config['LDAP_BASE_DN'] = 'dc=yourdomain,dc=local';
SSO (Single Sign-On)
This is a very comfortable feature for your users. Having this enabled, Piler uses Windows user login data.
Look here for more information.
Unfortunately, the feature does not work with Nginx, which is used by the VM appliance by default – have a look here.
Make a VM snapshot before to be safe.
- net ads join –S maindc.yourdomain.local -U Administrator
- (modify /etc/hostname before!)
- Change to Apache
- apt-get remove nginx nginx-common
- apt-get purge nginx nginx-common
- apt-get install apache2
- apt-get install php5 libapache2-mod-php5
- /etc/apache2/sites-available/default: AllowOverwrite, DocumentRoot /var/piler/www
- a2enmod rewrite
- service apache2 restart
When you access http://yourPilerHostname.local in your browser afterwards, you should be directly logged into Piler with your Windows username.
For admin / auditor access, use http://yourPilerHostname.local/login.php for manual login.
There is no native Outlook Add-On available for Piler, but a nice workaround.
You can use a simple Outlook subfolder’s Home Page property to point to http://yourPilerHostname.local. Combined with SSO, the Outlook user can enter the archive with a single click on the folder.
You can also deploy this folder via script / GPO.
Alternative store destination
Mails have to be archived for 7 years by default, so the data store can grow quite large. You might want your Piler VM to stay small and save the archive mails to a remote destination. This can also be useful if you want to separate what you want or don’t want to store in your network’s backup solution.
Basically, it works like described here for NFS.
For Samba / SMB / CIFS, it’s a similar way.
Install cifs-utils, then edit /etc/fstab like:
//files/mailarchive /var/piler/store cifs uid=1000,gid=1000,auto,_netdev,username=mailarchive,password=yourpassword,domain=yourdomain 0 0
Make sure you use uid=1000 and gid=1000, otherwise the Debian piler user does not gain write permissions on the share.
After you have finished the configuration process like in the link above, look at the logfiles (e.g. /var/log/mail.log) for errors. Also make sure the folders on the remote share are growing.
For every scenario it’s good to make sure no e-mail gets lost whatever might happen:
- Server containing the network share for the data store is offline
- Incoming mails stay in mail queue until the store is available again
- Note: It can take more than 20 minutes for the Linux system to recognize the re-availability of the network share
- Piler VM is offline
- Exchange tries to send it later, until the receiver (Piler VM) is on again. By exchange defaults this behavior works for a few days.
- You can configure Nagios or other monitoring systems to send alerts if the Exchange queue has e.g. more than 30 mails in it.