Secure Messaging

What is the difference between Journaling & Archiving?

Journaling refers to capturing information about an electronic message while it is in transit. The ‘journaled’ message may or may not be encrypted. Archiving, on the other hand, is primarily for backing up basic and encrypted messages to an off-site location (cloud archive). Archiving does not occur while the electronic message is in transit, and users may have access to their own archived (decrypted) messages through a separate interface.

The Secure Messaging platform supports both methods. Notification messages (encrypted messages, or stubs) can be ‘journaled’ in transit when they arrive at the customer’s mail server. To have the decrypted messages and attachments placed in the archive as well, the secure messages must be archived directly from the platform through automatic decrypting APIs. Once decrypted, the message is delivered to an SMTP relay over TLS, so the archive provider holds both the ‘journaled’ encrypted notification and a separate entry with the decrypted secure message. For e-discovery purposes, this proves that a notification was delivered to the recipient, and exposes the content of the secure message in a separate entry.

Microsoft Exchange® Journaling intercepts outgoing or incoming messages, and journals them to a specific archiving address. When sending a secure (encrypted) message, the actual message content is sent encrypted through the Secure Messaging platform. Consequently, Microsoft Exchange® will only journal the message notifications that do not contain confidential data. In order to complete the archiving process, the Secure Messaging platform implements a direct method of decrypting and archiving to ensure that the secure message’s content is archived to the third-party archiving provider (Cloud or On Premise).

Description of functionality and workflow:

When a secure message is sent, the secure message archiving functionality creates a copy of the secure message as a basic (normal) decrypted email message (server side), with the full message content decrypted in the body and attachments. The archiving system adds the specified archiving mailbox as an “envelope recipient address”.

Then, the system connects to the third-party archiving SMTP server, authenticates via TLS using the mailbox user credentials, and sends this decrypted copy of the original secure message. The third-party archiving system then handles the message and routes it to the correct archive location. A TLS connection to the third-party archiving SMTP server is required to ensure that the secure message content is not sent ‘in-the-clear’ via public SMTP relay servers.

Since secure message content is retained by the secure messaging servers, messages can be archived in batches without worrying about content being deleted by users. Secure message content and attachments will be archived even if the secure attachments are deleted, or the message is recalled.

NOTE: It is important that the third-party archiving system does not relay the message to the original recipients, since this will send the full message content decrypted.
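
The workflow above can be sketched as follows. This is an added example, not the platform's own code: it keeps the original recipients in the headers for e-discovery, uses the archiving mailbox as the only envelope recipient, and refuses to send unless the SMTP session is upgraded to verified TLS. The mailbox address and the smtp_factory parameter are hypothetical names chosen for illustration.

```python
import smtplib
import ssl
from email.message import EmailMessage

# Hypothetical placeholder for the archiving mailbox (not from the platform).
ARCHIVE_MAILBOX = "archive@archive-provider.example"


def build_archive_copy(sender, recipients, subject, body):
    """Decrypted copy that keeps the original headers for e-discovery."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = ", ".join(recipients)
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def send_to_archive(msg, host, port, user, password, smtp_factory=smtplib.SMTP):
    """Deliver msg to the archive mailbox only, over verified TLS, or fail."""
    context = ssl.create_default_context()  # verifies certificate and hostname
    with smtp_factory(host, port, timeout=30) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            # Fail closed: never fall back to cleartext for decrypted content.
            raise RuntimeError("archive SMTP server does not offer STARTTLS")
        smtp.starttls(context=context)
        smtp.ehlo()  # re-read capabilities on the encrypted channel
        smtp.login(user, password)
        # Envelope recipient is the archive mailbox only; the To: header still
        # names the original recipients but is not used for routing.
        return smtp.send_message(msg, from_addr=user, to_addrs=[ARCHIVE_MAILBOX])
```

Because routing follows the envelope and not the To: header, the decrypted copy reaches the original recipients only if the archiving system itself relays it, which is the case the NOTE warns against.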