[REVIEW] Exchange Archive – Mailmeter (I)

Print this post Email this post

Mailmeter by Waterford Technologies is a forensic, archival and policy enforcement tool for Microsoft Exchange Server (5.5 – 2007), Lotus Domino (R6, R7 or higher) and IMail (V8, 2006 or higher). For the purpose of this evaluation, I install the Mailmeter software for Microsoft Exchange 2003 on Microsoft Windows 2000 Server. I think the software does what I expected and more, but installation was not as breeze as I’d like it to be. On the up side, their technical support team is very helpful in answering my questions.

Problems with my installation:

  1. Configuration Wizard Error
    When the configuration wizard is supposed to read mails from some mails from accounts in the address book, it fails and reports some XML error. There are no further errors after forcing it to continue with the installation . The tech support indicates that it might be because our mail server is configured with non-FQDN domain for Active Directory, although it also have an FQDN domain for e-mail use. For now this issue is deferred because the primary system is running.
  2. Non-FQDN Windows Domain
    Mailmeter expects the Windows domain to be FQDN so the AD based login always fails because it anticipates the missing “.com” or “.net” or whatever suffix available. Not all companies set this to FQDN, so Mailmeter releases a patch so that it will ignore the missing suffix.
  3. Internet Header in Filtering Fails
    Mailmeter requires additional plugin to filter out messages that I don’t want to archive. Waterford Technologies says that this is done to protect both the customer and vendor. By having to request the plugin, both parties acknowledges that the filter may be set to discard certain type of messages from being archived. In my case, I set it to ignore all e-mails that’s tagged as spam by SpamAssassin.This is plugin is very easy to install and use. It is a rule based plugin with a default rule to archive anything that doesn’t match any previous filter. I created a rule that will discard any messages that has “X-Spam-Flag: YES” in the internet headers. There’s a bug in the code that prevent the matching against internet headers (it always match it against empty string); thus the rule always fail.They claimed that since Mailmeter is a forensic tool, it is rarely set to discard any messages from being archived. Additionally, they commented that the tool is usually set to match against a specific sender, recipient, or subject, thus the internet header functionality is never fully tested. This issue is resolved within hours after investigation.
  4. The Patch for Item #1 Causes the “Group Builder” Functionality to Fail
    This is a new bug found and is still work in progress.
    UPDATE 6/12/2007: They come up with the fix in less than 2 hours after investigating the issue.
  5. Stubbing Functionality Seems not Working
    This is a new bug found and is still work in progress.
    UPDATE 6/12/2007: After looking into the database, the journaled entry and the content in my mailbox differs by 1 space. Since it’s not the exact same message (from computer’s eye), the message is not stubbed. This issue will be further checked after the near future.

My opinions about Mailmeter and Waterford Technologies:

  1. Their patch turnaround time so far is very fast (less than 24 hours for #2 and less than 4 hours for #3).
  2. Their sales and technical support team is very knowledgeable and helpful. Their technical support team is willing to listen to your complaint and problem thoroughly.
  3. Provided documents are very detailed, but examples needs consistency. The username, password and server name that’s used as example on certain steps are different from the other steps.
  4. Insight and Individual Search & Retrieval can find messages and texts within attachment (tested for PDF, DOC and ZIP) in matter of seconds.
  5. Installations can be very modular or integrated. Each components, the server, database and storage space can be on one single machine or separate entities. The storage space may even be set to a NAS or SAN devices.
  6. Quick glance of mailbox usage/abuse using the MBA or Insight
    • Find out largest mail sender
    • Find out most common extensions sent
    • Find out based on address pairs
    • Find out based on certain word in the message
  7. (Work In Progress) Stubbing is theoretically compress and cuts mailbox storage up to 90%
  8. (Briefly tested) Outlook add-in integrates searches within outlook with savable search results

Although there are some hiccups during the installation, Waterford Technologies provides exceptional support. This is a definite plus for any software company. The Mailmeter server has been actively collecting e-mails and data from the Exchange server, but end-user usage has been limited to certain technically competent beta testers. The “part 2” of this review will include more test details and real life scenarios after the system goes “GA Live”.

Be Sociable, Share!

Tags: , , , , , , ,

One Response to “[REVIEW] Exchange Archive – Mailmeter (I)”

  1. NoahsMyBro Says:
    September 7th, 2007 at 11:49 am

    I see from your blog that you have installed MailMeter, and that you use Microsoft CRM.

    I assume you use MS CRM v3.0?

    I’m exploring whether or not I can expect to encounter any problems if I install MS CRM into an environment already running MailMeter. Are you aware of any problems running both?

    Thanks,
    Steve

Leave a Reply

You must be logged in to post a comment.