filtering for Journal Archiving
Hi everyone,
I did some checking and found that our SCOM server generates so much mail that it's probably worse than any spam. Obviously it gets archived as it passes through the journaling mail box and ultimately ends up in the Journal Archive. It always comes from the same address scom.admin@mycompany.com.
I wish I could filter this sender out from archiveing completely. And probably same goes for the reciepient. Has anyone emplemented anything similar? I will appriciate any help.
I'm running EV 901 and Exchange 2007
Igs
Your filter will look something like this:
<RULE NAME="SCOM Mail" ACTION="HARD_DELETE">
<AUTHOR INCLUDES="ANY" ALLOWOTHERS="Y">
<EA>scom.admin@mycompany.com</EA>
</AUTHOR>
</RULE>Also, here is the link to Robs article, the above link didn't seem to work:
https://www-secure.symantec.com/connect/articles/custom-filtering-enterprise-vault
Since his article is for Mailbox you will need to tweak it for Journaling. Also check out these TN's:
Example ruleset file for custom filtering
Article:HOWTO58121 | Created: 2011-08-01 | Updated: 2012-09-23 | Article URL http://www.symantec.com/docs/HOWTO58121 Exchange Server and journal filtering
Article:HOWTO56325 | Created: 2011-08-01 | Updated: 2012-09-23 | Article URL http://www.symantec.com/docs/HOWTO56325