December 22 2009 12:55:44 PM
Part 1 of 2
The ability to archive all mail traffic with mail journaling is a very powerful tool that can be used either by a private company to monitor mail, or perhaps a government agency that is required to keep all mail for Open Records purposes. In addition, it's a lot easier to go through mail journals from a document production standpoint if you're involved in a lawsuit, than it is to go through hundreds of individual user mailboxes. This assumes of course that your organization has determined that it's best interest is to maintain this documentation, and you have some kind of document retention and disposition schedule in place.
As you probably know, by default the journaling process encrypts the body and recipient fields in the mail documents when journaling, and can only be accessed with the proper user id that contains the encryption key. While this is great for super tight security, it's a bit overkill for many situations where you need to search across multiple archives, and a tight control of the mail journal ACL would suffice. The following procedure is an overview of what I've done in my organizations, but you'll need to weigh the pro's and con's and determine if it would be appropriate in your situation.
1) You will need to set this up on a server that isn't mission critical if possible. Your mail archives and their corresponding indexes will take up a whole lot of space, and you might want to consider some expandable storage. Security may be an issue and you may prefer to put this on a server that only certain administrative folks have access. In addition, with hundreds of mail archives you probably don't want this on your production mail server as they consistency checks on a restart could take an uncomfortable amount of time (See the '
Fast Restart' IBM Technote as it may help if you can't run another server).
2) If your just setting up journaling, or modifying a current environment, the first order of business is to ensure you are archiving all mail, and that the fields are not encrypted so that the server can index those fields for Full Text search queries.

Exclude fields from encryption that you will want to search.

Set up your mail rule to journal all messages.
See your Administration help for specifics.
3) After journaling is set up the way you want it, you'll need to update your journaling template, and then unencrypt all your old mail archives so that the server can index them.
- Replace the design of your mail journal db with the custom template you can download below that is based on the R8 journaling template. Make sure that you select the properties "List in db Catalog", and "Include in multi-db indexing".
4) Copy all your mail journals to a subdirectory in your Notes Data directory (for organizational purposes) and the run the designer process on the server console to update them (
load design).
5) Log in with your Journaling ID that has the authority to read the mail documents (has the encryption key), and one at a time go through the databases and unencrypt the docs by clicking the 'Process Encrypted' view, selecting all the documents and clicking the 'Unencrypt' button (as shown in the picture below).
This is tedious and will take some time. I suggest doing this on a secondary workstation as it will be tied up while the agent works. In one instance, I had over 200 databases to process, and it took me a week and a half of off and on attention to it to get this done.
Note: I suspect there should be a way to give your server ID the encryption key from your Journaling ID, however I was unable to find anything in the Notes Help databases. It would sure save some time by eliminating the task of processing all the documents.
6) Under domino administrator, select all the journaling databases and modify the ACL (Access Control Level) to include the current server, as well as any relevant employees that need to Read this database.
7) Run the domain index process.
8) You should now be able to go into catalog.nsf, and if you are an authorized user, click on Domain Search and run a multi-db query on all of your mail journals. Pretty slick huh? Except that now you'll notice that as fast as a multi-db search is, you can't search by specific fields (ie From, or Sender), and the results are not in any useful order. Additionally, you can't grab the results and throw them into another container/mailbox for production purposes. The multi-db domain search is still very handy for getting just a few narrow results, but for advanced needs we now need to build on it and actually do something with our search results.
->Part Two: Advanced Actions
Coming Soon... Download custom template