Copyright 2004-2007, Barracuda Networks, Inc.
www.barracuda.com
v1.0-070707-02c-0917
All rights reserved. Use of this product and this manual is subject to license. Information in this document is subject to change without notice.
Trademarks
Barracuda Message Archiver is a trademark of Barracuda Networks. All other brand and product names mentioned in this document are
registered trademarks or trademarks of their respective holders.
ii Barracuda Message Archiver Administrator’s Guide
vi Barracuda Message Archiver Administrator’s Guide
Chapter 1
Introduction
This chapter provides an overview of the Barracuda Message Archiver and includes the following
topics:
• Overview on page 8
• Features of the Barracuda Message Archiver on page 9
Introduction 7
Overview
The need for email archiving is growing as today’s organizations are more frequently asked to keep,
and deliver on demand, access to the comprehensive library of all sent and received email messages.
The Barracuda Message Archiver is a complete plug-and-play message archiving solution that is easy
to install and administer, supplying everything an organization needs to comply with government
regulations and corporate standards. Some of the benefits in employing the Barracuda Message
Archiver are:
•Comprehensive Email Management, including support for multiple message import methods
(including support for MAPI and .PST files), comprehensive and efficient search and retrieval
tools, retention policies, and message indexing (tagging) and exporting;
•Centralized Storage Management, to allow management of all internal and external storage
volumes from a single interface, the Intelligent Storage Manager;
•Simplified and Centralized Administration, providing cost-effective management of
corporate archiving settings and rules;
•Intuitive Policy and Compliance Support, to aid in the enforcing of corporate policy,
compliance regulations and litigation requests;
•Built-in Detection of Viruses, providing extra protection to the contents of the message
archive;
The Barracuda Message Archiver is extremely easy to deploy -- all you need to get started is to install
the Barracuda Message Archiver into your network and configure the method used to retrieve the
messages to be archived. The Web-based interface allows for convenient definition, management and
control of corporate archiving settings and rules from one central location. To minimize ongoing
administration associated with security, automatic delivery of Energize Updates from Barracuda
Central, our advanced technology operations center, keeps the Barracuda Message Archiver up-todate with the latest protection against viruses and other security threats.
Archiving
The Barracuda Message Archiver can import historical data from many different sources, including
.PST files (Microsoft Outlook’s personal information store). New and existing messages can be
retrieved directly from your mail server using MAPI (Microsoft’s Message Application Protocol
Interface), POP3, or IMAP. Internal company email can be captured along with external emails, even
if journaling is not practical or available at your location, by configuring the Barracuda Message
Archiver to act as an SMTP relay to forward messages to your designated email server. The
Barracuda Message Archiver can also be an SMTP recipient, to work with Bcc journaling (also
known as sidelining), or with the journaling capabilities of the Barracuda Spam Firewall
Intelligent Storage Manager
The Intelligent Storage Manager provides a complete view of used and available storage on the
Barracuda Message Archiver. The built-in storage is on swappable drive trays (hot-swap available
on certain models) to provide added control and email management across an organization’s network,
allowing easy transfer of emails from costly, transaction-based storage required for production email
servers to less expensive storage options. Administrators can also enable storage mirroring for data
redundancy, and add external storage volumes for unlimited storage capacity.
In addition, the Single Instance Storage feature enables the Barracuda Message Archiver to
intelligently remove duplicate emails and attachments that are sent to multiple recipients. Storage
capacity is further maximized by compression of messages before storing it in the file system.
Litigation and Compliance Support
The Barracuda Message Archiver comes with both standard and customizable policies to support
various corporate and legal regulations. In addition to policies on acceptable content, retention
policies are also available to govern the length of time to retain email messages. Alerts can be sent
on detected violations, and easy export of archived messages and access records makes them readily
available for delivery to legal counsel whenever needed.
Introduction 9
Tamper-Resistant Architecture
Users and administrators have only read access to messages that are stored on the Barracuda Message
Archiver, thus making it virtually impossible for someone to intentionally or accidentally corrupt the
archive.
Search and Retrieval
The Search tool located in the Web interface of the Barracuda Message Archiver conducts quick fulltext searches based on tags, message content, or message attachments. Users can easily search and
view personal messages in the archive, and forward emails to active mailboxes. Administrators and
Auditors can easily sort through a message archive to compile relevant messages based on keywords,
dates and sender/recipients into an exported file.
Indexing
Using a thorough list of all message components, all messages on the Barracuda Message Archiver
are fully indexed by message content and attachments, with the option to add tags for customized
searches.
Roles
The Barracuda Message Archiver has a role-based permissions system, which allows auditing access
privileges to be granted to individual users. Users can access and create searches only for their own
personal messages in the archive, while auditors have the ability to view, track, and monitor policies
on messages for all users.
Reporting and Statistics
Sophisticated, built-in reports on the Barracuda Message Archiver provides statistics on various
operational and legal aspects. Default reports include the growth of the message archive, policy
violations, and archive traffic.
Energize Updates
Many security technologies are integrated into the Barracuda Message Archiver. In addition to the
virus protection that is standard on all Barracuda Networks products, the Barracuda Message
Archiver also gets the latest in document type and policy definitions via Energize Updates, which are
updated around the clock at Barracuda Central.
This chapter provides an overview of the Barracuda Message Archiver and includes the following
topics:
• Basic Terminology on page 12
• Barracuda Message Archiver Configurations on page 13
• Other Message Archiving Concepts on page 16
Message Archiving Concepts 11
Basic Terminology
The following is a list of some of the terms used by the Barracuda Message Archiver. Understanding
these particular terms will aid in administering your Barracuda Message Archiver.
Table 2.1: Basic terminology
TermDescription
Intelligent Storage ManagerA feature of the Barracuda Message Archiver that provides a powerful
Concatenated StorageA method of data storage management that allows separate, additional
MirroringA data storage method that involves saving the same data on more than
Single Instance StorageProcess in which the Barracuda Message Archiver removes duplicate
yet easy-to-use interface for management of both internal and external
storage volumes.
external storage drives to be treated as one single drive.
one area of the file system for data redundancy, to reduce the chances
of data loss or corruption due to hardware failure.
emails or attachments sent to multiple recipients, and compresses the
one copy prior to storage, to maximize storage capacity.
Discovery
E-discovery
Legal hold
Litigation hold
JournalingSending a copy of an email message to be archived.
Global AdministratorThe “admin” login on the Barracuda Message Archiver. This is the
AuditorRole typically assigned to an internal or outside third-party inspector of
UserDefault role of any local or LDAP account. Users only have access to
“Discovery” is a US legal term for the identification and gathering of any
and all documents pertaining to a particular topic, for the purposes of a
lawsuit or legal case. “Electronic discovery”, or “E-discovery”, refers to
discovery of all electronic documentation.
Process during which all communication (electronic and otherwise)
must be preserved in anticipation of impending litigation.
overall administrator for the Barracuda Message Archiver, with the
ability to view all messages, configure users, and control all available
settings.
messages. Auditors are able to create and monitor policies as well as
view messages, but cannot otherwise administer the Barracuda
Message Archiver itself.
The deployment mode chosen is usually dependent on the email server configuration that currently
exists at your site, as well as the number of domains that are to be archived.
Table 2.2 shows when each deployment type is recommended.
Table 2.2: Deployment Type Details
If you have...Type of deployment to use
Note
Note
a mail server that is capable of
journaling
a mail server that is NOT capable
of journaling, AND a Barracuda
Spam Firewall
For specific information on the steps required to add new messages to the Barracuda Message
Archiver, see Importing New Messages on page 31. For details on how to add existing messages,
see Importing Historical Data on page 33.
If your email server does not support journaling, AND you do not have a Barracuda Spam Firewall,
contact your Barracuda Networks Sales Representative for further options.
Journaling Deployment
SMTP Relay Deployment
Message Archiving Concepts 13
Journaling Deployment
Networks that utilize email servers capable of journaling can use either a remote journal account to
“pull” messages to be archived, or a special designated SMTP recipient (user account) to “push”
messages to the Barracuda Message Archiver.
Remote Journal Account (Recommended)
In this configuration, the Barracuda Message Archiver is placed off to the side of the email server,
which must have journaling configured to allow the Barracuda Message Archiver to “pull” the
messages directly from the journal account. Emails already on the server prior to journaling being
enabled can still be imported using Microsoft’s Message Application Protocol Interface (MAPI).
Designated SMTP Recipient (Bcc journaling)
If you choose to use a “push” mechanism to send messages to the Barracuda Message Archiver, then
a designated email account, or contact, must exist to be the recipient of all messages that are journaled,
or archived. Journaling must then be configured on the email server to send that user a copy of all
messages that are to be archived, and a forwarding rule created to deliver all messages received by
that user to the Barracuda Message Archiver.
When journaling on your email server is not available or a practical option, you can use a combination
of the Barracuda Message Archiver and the Barracuda Spam Firewall to capture both external and
internal emails via SMTP. To capture messages sent from external Internet users, you can leverage
the journaling capabilities of the Barracuda Spam Firewall to copy messages to your Barracuda
Message Archiver. To capture messages sent from inside your organization, you can configure
internal email clients to use the Barracuda Message Archiver as an SMTP relay placed in front of your
internal email server.
Figure 2.2: Sample layout for SMTP Relay Deployment
Note
The Barracuda Spam Firewall will only forward messages that it does NOT block to the Barracuda
Message Archiver.
Message Archiving Concepts 15
Other Message Archiving Concepts
Policy Monitoring
Many organizations need to keep track of violations of organizational policy and be alerted when they
occur. Policies can include defining when it is acceptable to send messages containing executable
files or any inappropriate content (usually never); identifying how often messages containing
references to forbidden topics are sent (especially when litigation is expected); and when certain email
recipients can be contacted (excessive personal emails during business hours).
The Barracuda Message Archiver comes with a set of standard policies that are updated regularly via
Energize Updates, and also allows you to easily create your own to fit your specific organization
environment. Alerts can be configured to go out whenever a policy violation is detected, and reports
are available to summarize new policy violations as well as detect any that are found amongst the
messages stored in the archive.
Auditing
Organizations frequently use outside firms to perform an audit of company records. With the
Barracuda Message Archiver, an independent auditor can be provided with complete access to all data
without needing to be added directly into the official directory structure, nor do they need to be given
administrator-level privileges to the entire network.
Specific individuals or accounts can also be given special audit privileges if so desired. Audit
privileges on the Barracuda Message Archiver includes the ability to create and monitor policies, and
flag messages as needed.
Exporting Messages
Messages that are found to be in violation of organizational policy often need to be gathered together
for easy presentation. Once a search has located the messages you want to export, the Barracuda
Message Archiver can export a .zip file containing .eml versions of those messages.
Alias Unification
Each user typically only has one account on the email server, but may have multiple email addresses
(usually variations on their initials and names) that will also reach them. These aliases are resolved
by the email server using protocols such as LDAP, so that messages addressed to an alias are actually
delivered into the appropriate email account.
The Barracuda Message Archiver also will unify the primary account with all of its known aliases, so
that a user will have archive access to all messages received by that user regardless of the "Send To"
address on the message.
These are the general steps to set up your Barracuda Message Archiver. For more detailed instructions
for each step, see the following reference pages.
Prepare for the Installation
Before installing your Barracuda Message Archiver, complete the following tasks:
•Decide which type of deployment is most suitable to your network. For more information on the
•Verify you have the necessary equipment:
Prepare for the Installation ............................................................... 18
Connect Barracuda Message Archiver to Network ...........................19
Configure IP Address and Network Settings ..................................... 19
Configure Your Corporate Firewall................................................... 20
Configure Access to the Barracuda Message Archiver ..................... 20
Update the Barracuda Message Archiver Firmware......................... 21
Verify Your Subscription Status.......................................................... 22
1.Fasten the Barracuda Message Archiver to a standard 19-inch rack or other stable location.
Caution
Do not block the cooling vents located on the front and rear of the unit.
2.Connect a CAT6 Ethernet cable from your network switch to the ethernet port on the back of
the Barracuda Message Archiver.
3.Connect the following to your Barracuda Message Archiver:
•Power cord
•VGA monitor
• PS2 keyboard
After you connect the AC power cord, the Barracuda Message Archiver may power on for a few
seconds and then power off. This behavior is normal.
4.Press the Power button located on the front of the unit.
The login prompt for the administrative console displays on the monitor, and the power light on
the front of the Barracuda Message Archiver turns on. For a description of each indicator light,
refer to Understanding the Indicator Lights on page 41.
Configure IP Address and Network Settings
The Barracuda Message Archiver is assigned a default IP address of 192.168.200.200. You can
change the address using the administrative console or by pressing and holding the RESET button on
the front panel.
Holding RESET for eight seconds changes the default IP address to 192.168.1.200. Holding the
button for 12 seconds changes the IP address to 10.1.1.200.
To set a new IP address from the administrative console:
1.Connect your keyboard and monitor directly to the Barracuda Message Archiver.
2.At thebarracuda login prompt, enter admin for the login and admin for the password.
The User Confirmation Requested window displays the current IP configuration of the
Barracuda Message Archiver.
3.Using your Tab key, select Change and press Enter to change the IP configuration.
4.Enter the new IP address, netmask, and default gateway for your Barracuda Message Archiver.
Save to enter your changes. (The Primary and Secondary DNS fields are optional at this
Select
time, but if not entered at this step then they must be entered in step 3c. of To configure the Barracuda Message Archiver on page 20). Select
The new IP address and network settings are applied to your Barracuda Message Archiver.
Exit.
Getting Started 19
Configure Your Corporate Firewall
If your Barracuda Message Archiver is located behind a corporate firewall, refer to Table 3.1 for the
ports that need to be opened on your corporate firewall to allow communication between the
Barracuda Message Archiver, your email server, and the Internet.
Table 3.1: Ports to Open on Your Corporate Firewall
PortDirectionProtocolDescription
22OutTCPRemote diagnostics and technical support
25OutTCPEmail notifications (see below)
53OutTCP/UDPDNS (Domain Name Server)
80OutTCPFirmware and Energize updates (unless
123In/OutUDPNTP (Network Time Protocol)
443 (optional)InTCPFor remote access over SSL (https) to the
services
configured to use a proxy)
Barracuda Message Archiver. See
Enabling SSL for Administrators and
Users
on page 24
8000OutTCPThe administration Web port. See step 4c
Configure Access to the Barracuda
of
Message Archiver
One of the ports listed above is port 25, the default port used for SMTP traffic. Some organizations
have firewall rules that only allow emails to be sent from the IP address of their email server. In these
situations, the corporate firewall will have to be modified to allow emails to be sent from the
Barracuda Message Archiver as well so that system alerts and reports can be emailed.
The Barracuda Message Archiver also should not usually be accepting incoming SMTP requests from
systems outside of your organization’s network. However, if your email server is located in a DMZ,
you may need to configure your corporate firewall to allow incoming traffic over port 25 from your
email server to the Barracuda Message Archiver.
Configure Access to the Barracuda Message Archiver
After specifying the IP address of the Barracuda Message Archiver and opening the necessary ports
on your corporate firewall, configure the Barracuda Message Archiver from the Web administration
interface. Make sure the system being used to access the Web interface is connected to the same
network as the Barracuda Message Archiver, and that the appropriate routing is in place to allow
connection to the Barracuda Message Archiver’s IP address via a Web browser.
on page 20
To configure the Barracuda Message Archiver
1.From a Web browser, enter http:// followed by the IP address of the Barracuda Message
Archiver, followed by the default Web Interface HTTP Port (:8000).
For example:
2.Log into the administration interface, using admin for both the username and the password.
3.Go to the Basic > IP Configuration page and perform the following steps: