Difference between revisions of "Archiving Emails from Google Workspace"

[checked revision][checked revision]
 
(14 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{Implementation Guide Preamble|G Suite}}
+
{{Implementation Guide Preamble|Google Workspace}}
 
+
Since MailStore accesses user mailboxes via IMAP, IMAP access must be enabled for users in the Google Admin console.
 
== Synchronizing Users ==
 
== Synchronizing Users ==
It is required to first set up a synchronization with G Suite as described in chapter [[G Suite Integration]] of the MailStore Server manual as the API credentials needed to configure archiving must first be created in the [[G Suite Integration]] configuration process.
+
It is required to first set up a synchronization with Google Workspace as described in chapter [[Google Workspace Integration]] of the MailStore Server manual as the API credentials needed to configure archiving must first be created in the [[Google Workspace Integration]] configuration process.
  
Note that while G Suite uses it's own internal user database, this itself can be synchronized with external LDAP or Active Directory environments. Even if the G Suite directory is not the primary source of user account information, it is highly recommended to synchronize MailStore Server directly with G Suite to fetch all relevant information such as email addresses.
+
Note that while Google Workspace uses it's own internal user database, this itself can be synchronized with external LDAP or Active Directory environments. Even if the Google Workspace directory is not the primary source of user account information, it is highly recommended to synchronize MailStore Server directly with Google Workspace to fetch all relevant information such as email addresses.
  
 
== Archiving Individual Mailboxes ==
 
== Archiving Individual Mailboxes ==
The following steps describe the setup of a single mailbox archiving profile by an administrator using a special service account. Alternatively, a single Gmail mailbox can also be archived using the [[Archiving_Emails_from_Gmail|GMail archiving profile]] in MailStore where the mailbox owner authorizes mailbox access by MailStore Server through OAuth.
+
The following steps describe the setup of a single mailbox archiving profile by a MailStore administrator using a special service account.  
 +
 
 +
Alternatively, non-admin users which have the ''Archive E-mail'' privilege, may archive their own Google Workspace mailbox by using the [[Archiving_Emails_from_Gmail|Gmail archiving profile]] in MailStore Server, where the mailbox owner explicitly authorizes MailStore Server to access his mailbox.
  
{{Archiving Single Mailbox Preamble|G Suite}}
+
{{Archiving Single Mailbox Preamble|Google Workspace}}
  
 
Please proceed as follows for each individual mailbox:
 
Please proceed as follows for each individual mailbox:
  
* Make sure that you configured the service account as descibes in the  [[G Suite Integration]] chapter of the MailStore Server manual.
+
* Make sure that you configured the service account as descibes in the  [[Google Workspace Integration]] chapter of the MailStore Server manual.
* Log on to MailStore Client as MailStore administrator. Only an administrator can archive emails via a G Suite Service Account.
+
* Log on to MailStore Client as MailStore Server administrator. Only an administrator can archive emails via a Google Workspace Service Account.
 
* Click on ''Archive Email''.
 
* Click on ''Archive Email''.
* From the ''Email Servers'' list in the ''Create Profile'' area of the window, select ''G Suite'' to create a new archiving profile.
+
* From the ''Email Servers'' list in the ''Create Profile'' area of the window, select ''Google Workspace'' to create a new archiving profile.
 
* A wizard opens to assist in specifying the archiving settings.
 
* A wizard opens to assist in specifying the archiving settings.
 
*: [[File:Gapps_mailbox_00.png|center|350px]]
 
*: [[File:Gapps_mailbox_00.png|center|350px]]
 
* Select ''Single Mailbox'' and click on ''OK''.
 
* Select ''Single Mailbox'' and click on ''OK''.
* Configure the basic archiving settings. The JSON file generated by Google for the service account during the [[G Suite Integration|G Suite Integration]] configuration is also required for mailbox access.
+
* Configure the basic archiving settings. The JSON file generated by Google for the service account during the [[Google Workspace Integration]] configuration is also required for mailbox access.
 
*: [[File:Gapps_mailbox_01.png|center|350px]]
 
*: [[File:Gapps_mailbox_01.png|center|350px]]
 
*: Fill out the following fields:
 
*: Fill out the following fields:
Line 26: Line 28:
 
** '''Key ID'''<br/>To import the private key, select the JSON file that has been generated by Google for the service account.
 
** '''Key ID'''<br/>To import the private key, select the JSON file that has been generated by Google for the service account.
 
** '''Service Account'''<br/>The service account is determined automatically from the JSON file.
 
** '''Service Account'''<br/>The service account is determined automatically from the JSON file.
** '''Received''' and '''Sent'''<br/>The target folder in which MailStore will store received and send email.
+
** '''Received''' and '''Sent'''<br/>The target folder in which MailStore Server will store received and send email.
** '''Archive Spam'''<br/>G Suite spam folders are excluded by default, but can be archived by selecting this option.
+
** '''Archive Spam'''<br/>Google Workspace spam folders are excluded by default, but can be archived by selecting this option.
*: <div class="msnote">'''Important notice:''' MailStore will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore; as a consequence, the entire mailbox will be archived.</div>
+
*: <div class="msnote">'''Important notice:''' MailStore Server will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore Server; as a consequence, the entire mailbox will be archived.</div>
 
* Click on ''Next''.
 
* Click on ''Next''.
 
* If needed, adjust the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
 
* If needed, adjust the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
Line 38: Line 40:
 
* In the last step, a name for the archiving profile can be specified. After clicking ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and can be run immediately or automatically, if desired.
 
* In the last step, a name for the archiving profile can be specified. After clicking ''Finish'', the archiving profile will be listed under ''Saved Profiles'' and can be run immediately or automatically, if desired.
  
More information on how to execute archiving profiles can be found under the topic [[Email Archiving with MailStore Basics]]
+
More information on how to execute archiving profiles can be found under the topic [[Email Archiving with MailStore Basics]].
  
 
== Archiving Multiple Mailboxes Centrally ==
 
== Archiving Multiple Mailboxes Centrally ==
By following the procedure described here, multiple G Suite mailboxes can be archived without specific configuration for each MailStore user. The archiving process can be executed manually or automatically.
+
By following the procedure described here, multiple Google Workspace mailboxes can be archived without specific configuration for each MailStore Server user. The archiving process can be executed manually or automatically.
  
* Make sure that you configured the service account as described in the  [[G Suite Integration]] chapter of the MailStore Server manual.
+
* Make sure that you configured the service account as described in the  [[Google Workspace Integration]] chapter of the MailStore Server manual.
* Log on to MailStore Client as MailStore administrator. Only an administrator can archive emails via a G Suite Service Account.
+
* Log on to MailStore Client as MailStore Server administrator. Only an administrator can archive emails via a Google Workspace Service Account.
 
* Click on ''Archive Email''.
 
* Click on ''Archive Email''.
* From the ''Email Servers'' list in the ''Create Profile'' area of the window, select ''G Suite'' to create a new archiving profile.
+
* From the ''Email Servers'' list in the ''Create Profile'' area of the window, select ''Google Workspace'' to create a new archiving profile.
 
* A wizard opens to assist in specifying the archiving settings.
 
* A wizard opens to assist in specifying the archiving settings.
 
*: [[File:Gapps_mailboxes_00.png|center|350px]]
 
*: [[File:Gapps_mailboxes_00.png|center|350px]]
 
* Select ''Multiple Mailboxes'' and click on ''OK''.
 
* Select ''Multiple Mailboxes'' and click on ''OK''.
* Configure the basic archiving settings. The JSON file generated by Google for the service account during the [[G Suite Integration|G&nbsp;Suite Integration]] configuration is also required for mailbox access.
+
*: {{Archiving_Multiple_or_Multidrop_Note|multiple mailboxes|[[#Synchronizing_Users|directory synchronization]]}}
 +
* Configure the basic archiving settings. The JSON file generated by Google for the service account during the [[Google Workspace Integration]] configuration is also required for mailbox access.
 
*: [[File:Gapps_mailboxes_01.png|center|350px]]
 
*: [[File:Gapps_mailboxes_01.png|center|350px]]
 
*:  Fill out the following fields:
 
*:  Fill out the following fields:
 
** '''Key ID'''<br/>To import the private key, select the JSON file that has been generated by Google for the service account.
 
** '''Key ID'''<br/>To import the private key, select the JSON file that has been generated by Google for the service account.
 
** '''Service Account'''<br/>The service account is determined automatically from the JSON file.
 
** '''Service Account'''<br/>The service account is determined automatically from the JSON file.
** '''Received''' and '''Sent'''<br/>The target folder in which MailStore will store received and send email.
+
** '''Received''' and '''Sent'''<br/>The target folder in which MailStore Server will store received and send email.
** '''Archive Spam'''<br/>G Suite spam folders are excluded by default, but can be archived by selecting this option.
+
** '''Archive Spam'''<br/>Google Workspace spam folders are excluded by default, but can be archived by selecting this option.
*: <div class="msnote">'''Important notice:''' MailStore will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore, as a consequence, the entire mailbox will be archived.</div>
+
*: <div class="msnote">'''Important notice:''' MailStore Server will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore Server, as a consequence, the entire mailbox will be archived.</div>
 
* Click on ''Next''.
 
* Click on ''Next''.
 
* If needed, adjust the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
 
* If needed, adjust the [[Email_Archiving_with_MailStore_Basics#Specifying_Filter_Criteria_for_Archiving|filter]] and the [[Email_Archiving_with_MailStore_Basics#Deleting_Emails_after_Archiving|deletion rules]]. By default, no emails will be deleted from the mailbox. The ''Timeout'' value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
 
*: [[File:Gapps_mailboxes_02.png|center|350px]]
 
*: [[File:Gapps_mailboxes_02.png|center|350px]]
 
* Click on ''Next''.
 
* Click on ''Next''.
{{Archiving_Multiple_Mailboxes_Centrally_Options|Gapps_mailboxes_03.png|G Suite}}
+
{{Archiving_Multiple_Mailboxes_Centrally_Options|Gapps_mailboxes_03.png|Google Workspace}}
 
 
=== Basic Functionality ===
 
In G Suite, Google Mail can be configured to forward a copy of all incoming, outgoing or internal email traffic to an external mailbox.
 
 
 
MailStore Server can be configured to archive this so called multidrop mailbox at regular intervals. During this process, the emails from the multidrop mailbox will be assigned to their respective MailStore users (i.e. their user archives) automatically. This means that each user is able to view only their own emails.
 
 
 
Before the archiving process can be set up in MailStore Server, email forwarding has to be set up for the G Suite email domain.
 
 
 
=== Step 1: Configuring email forwarding for a G Suite email domain ===
 
 
 
Please proceed as follows:
 
 
 
* Log on to your G Suite domain as an administrator.
 
* Navigate to ''Apps > G Suite > Settings for Gmail > Advanced settings''.
 
* Configure ''Receiving routing'':
 
*# Under ''Also deliver to'', activate the ''Add more recipients'' option.
 
*#: [[File:GM_routing_01_en.png|center|347px]]
 
*# Select ''Advanced'' and activate the ''Change envelope recipient'' option.
 
*# Enter the email address of the multidrop mailbox into the ''Replace recipient'' field.
 
*# Activate the ''Add X-Gm-Original-To header'' option.
 
*#: [[File:GM_routing_02_en.png|center|347px]]
 
*# Click on ''Save'' further down the window and then on ''Add setting''.
 
* Repeat steps 1 to 5 for ''Sending routing''.
 
* Click on ''Save changes''.
 
<p class="msnote">'''Important:''' The multidrop mailbox needs to be an external IMAP mailbox, that must not belong to the G Suite email domain because the Gmail duplicate detection would drop identical emails that have been addressed to several recipients. By using an internal Gmail mailbox completeness of the archive cannot be achieved.</p>
 
 
 
=== Step 2: Setting up the Archiving Process ===
 
 
 
The above settings will ensure that a copy of all emails will be forwarded to a single external multidrop mailbox. MailStore extracts the sender and recipient information from the email headers to assign them to the appropriate users. By using this type of mailboxes it is possible to archive all incoming and outgoing emails.
 
 
 
{{Archiving Multidrop_Mailbox|G Suite|Gapps_catchall_00.png|Gapps_catchall_01.png}}
 
  
 
== Archiving Incoming and Outgoing Emails Directly ==
 
== Archiving Incoming and Outgoing Emails Directly ==
MailStore can archive all incoming and outgoing emails of all users within a G Suite email domain. Using this scenario it is possible to ensure a complete and compliant archive.
+
MailStore Server can archive all incoming and outgoing emails of all users within a Google Workspace email domain. Using this scenario it is possible to ensure a complete and compliant archive.
  
 
=== Basic Functionality ===
 
=== Basic Functionality ===
In G Suite, Google Mail can be configured to forward a copy of all incoming, outgoing or internal email traffic to an external mailbox.
+
In Google Workspace, Google Mail can be configured to forward a copy of all incoming, outgoing or internal email traffic to an external mailbox.
  
 
There are two method for archiving these emails:
 
There are two method for archiving these emails:
  
# '''Using MailStore Gateway (recommended)'''<br/>Use the free [https://help.mailstore.com/en/gateway/ MailStore Gateway] program that provides mailboxes that are suitable as target for the corresponding G Suite rules. Unlike using another 3rd party mailbox provider, this method ensures that emails remain unmodified and the important ''X-Gm-Original-To'' header is retained. MailStore Server is then configured to archive from the MailStore Gateway mailboxes at regular intervals.
+
# '''Using MailStore Gateway (recommended)'''<br/>Use the free [https://help.mailstore.com/en/gateway/ MailStore Gateway] program that provides mailboxes that are suitable as target for the corresponding Google Workspace rules. Unlike using another 3rd party mailbox provider, this method ensures that emails remain unmodified and the important ''X-Gm-Original-To'' header is retained. MailStore Server is then configured to archive from the MailStore Gateway mailboxes at regular intervals.
# '''Using Another Mailbox Provider'''<br/>Use another provider's mailbox as target and configure MailStore to archive this so-called multidrop mailbox at regular intervals. The multidrop mailbox needs to be an external IMAP mailbox, that must not belong to the G Suite email domain because the Gmail duplicate detection would drop identical emails that have been addressed to several recipients. By using an internal Gmail mailbox completeness of the archive cannot be achieved. Futhermore, the receiving mailserver must not temper the email headers, especially not remove the ''X-Gm-Original-To'' header, and anti-virus and spam checking should also be disabled.
+
# '''Using Another Mailbox Provider'''<br/>Use another provider's mailbox as target and configure MailStore Server to archive this so-called multidrop mailbox at regular intervals. The multidrop mailbox needs to be an external IMAP mailbox, that must not belong to the Google Workspace email domain because the Gmail duplicate detection would drop identical emails that have been addressed to several recipients. By using an internal Gmail mailbox completeness of the archive cannot be achieved. Futhermore, the receiving mailserver must not temper the email headers, especially not remove the ''X-Gm-Original-To'' header, and anti-virus and spam checking should also be disabled.
  
  
Line 110: Line 82:
  
 
=== Method 1: Using MailStore Gateway ===
 
=== Method 1: Using MailStore Gateway ===
 
 
==== Step 1: Setup and Configure MailStore Gateway ====
 
==== Step 1: Setup and Configure MailStore Gateway ====
 
Please refer to the [https://help.mailstore.com/en/gateway/ MailStore Gateway Manual] for detailed instructions about:
 
Please refer to the [https://help.mailstore.com/en/gateway/ MailStore Gateway Manual] for detailed instructions about:
Line 120: Line 91:
 
After these steps, a mailbox with an individual email address (i.e. [email protected]) should exist.  
 
After these steps, a mailbox with an individual email address (i.e. [email protected]) should exist.  
  
==== Step 2: Configuring email forwarding for a G Suite email domain ====
+
==== Step 2: Configuring email forwarding for a Google Workspace email domain ====
 
Please proceed as follows:
 
Please proceed as follows:
  
* Log on to your G Suite domain as an administrator.
+
* Log on to your Google Workspace domain as an administrator.
* Navigate to ''Apps > G Suite > Settings for Gmail > Advanced settings''.
+
* Navigate to ''Apps'' > ''Google Workspace'' > ''Gmail ''.
* Configure ''Receiving routing'':
+
* Click on ''Advanced settings'' on the ''Settings for Gmail'' page.
*# Under ''Also deliver to'', activate the ''Add more recipients'' option.
+
* In the ''General Settings'' tab, scroll down to ''Routing''.
*#: [[File:GM_routing_01_en.png|center|347px]]
+
*: [[File:GM_routing_00_en.png|center|500px]]
*# Select ''Advanced'' and activate the ''Change envelope recipient'' option.
+
* Click ''Configure'' or ''Add Another'' to create a new routing rule. A new window appears.
*# Enter the email address of the MailStore Gateway mailbox into the ''Replace recipient'' field.
+
* Enter a name and enable all checkboxes in the ''Messages to affect'' section.
*# Activate the ''Add X-Gm-Original-To header'' option.
+
*: [[File:GM_routing_01_en.png|center|500px]]
*#: [[File:GM_routing_02a_en.png|center|347px]]
+
* Under ''Also deliver to'', activate the ''Add more recipients'' option and ''Add'' an additional delivery recipient.
*# Click on ''Save'' further down the window and then on ''Add setting''.
+
* Select ''Advanced'' from the drop-down list.
* Repeat steps 1 to 5 for ''Sending routing''.
+
* Activate the ''Change envelope recipient'' option.
* Click on ''Save changes''.
+
* Enter the email address of the MailStore Gateway mailbox into the ''Replace recipient'' field.
 +
* Activate the ''Do not deliver spam to this recipient'' option if desired.
 +
* Activate the ''Suppress bounces from this recipient'' option.
 +
* Activate the ''Add X-Gm-Original-To header'' option.
 +
*: [[File:GM_routing_02a_en.png|center|500px]]
 +
* Click on ''Save'' further down the window and then on ''Add setting'' for a new rule or ''Save'' when modifying an existing rule.
 +
* Click on ''Save'' in the footer bar.
  
 
==== Step 3: Setting up the Archiving Process ====
 
==== Step 3: Setting up the Archiving Process ====
{{Archiving MailStore Gateway Mailbox|''Google G Suite''|Arch_MailStore_Gateway_G_Suite_01.png|Arch_MailStore_Gateway_G_Suite_02.png|POP3Hint=DontShow}}
+
{{Archiving MailStore Gateway Mailbox|''Google Google Workspace''|Arch_MailStore_Gateway_G_Suite_01.png|Arch_MailStore_Gateway_G_Suite_02.png|POP3Hint=DontShow|DSLink=[[#Synchronizing_Users|directory synchronization]]}}
  
 
=== Method 2: Using Another Mailbox Provider ===
 
=== Method 2: Using Another Mailbox Provider ===
  
==== Step 1: Configuring email forwarding for a G Suite email domain ====
+
==== Step 1: Configuring email forwarding for a Google Workspace email domain ====
 
Please proceed as follows:
 
Please proceed as follows:
  
* Log on to your G Suite domain as an administrator.
+
* Log on to your Google Workspace domain as an administrator.
* Navigate to ''Apps > G Suite > Settings for Gmail > Advanced settings''.
+
* Navigate to ''Apps > Google Workspace > Gmail > Settings for Gmail > Advanced settings''.
* Configure ''Receiving routing'':
+
* In the ''General Settings'' tab, scroll down to ''Routing''.
*# Under ''Also deliver to'', activate the ''Add more recipients'' option.
+
*: [[File:GM_routing_00_en.png|center|500px]]
*#: [[File:GM_routing_01_en.png|center|347px]]
+
* Click ''Configure'' or ''Add Another'' to create a new routing rule. A new window appears.
*# Select ''Advanced'' and activate the ''Change envelope recipient'' option.
+
* Enter a name and enable all checkboxes in the ''Messages to affect'' section.
*# Enter the email address of the multidrop mailbox into the ''Replace recipient'' field.
+
*: [[File:GM_routing_01_en.png|center|500px]]
*# Activate the ''Add X-Gm-Original-To header'' option.
+
* Under ''Also deliver to'', activate the ''Add more recipients'' option and ''Add'' an additional delivery recipient.
*#: [[File:GM_routing_02_en.png|center|347px]]
+
* Select ''Advanced'' from the drop-down list.
*# Click on ''Save'' further down the window and then on ''Add setting''.
+
* Activate the ''Change envelope recipient'' option.
* Repeat steps 1 to 5 for ''Sending routing''.
+
* Enter the email address of the multidrop mailbox into the ''Replace recipient'' field.
* Click on ''Save changes''.
+
* Activate the ''Suppress bounces from this recipient'' option.
 +
* Activate the ''Add X-Gm-Original-To header'' option.
 +
*: [[File:GM_routing_02_en.png|center|500px]]
 +
* Click on ''Save'' further down the window and then on ''Add setting'' for a new rule or ''Save'' when modifying an existing rule.
 +
* Click on ''Save'' in the footer bar.
  
 
==== Step 2: Setting up the Archiving Process ====
 
==== Step 2: Setting up the Archiving Process ====
The above settings will ensure that a copy of all emails will be forwarded to a single external multidrop mailbox. MailStore extracts the sender and recipient information from the email headers to assign them to the appropriate users. By using this type of mailboxes it is possible to archive all incoming and outgoing emails.
+
The above settings will ensure that a copy of all emails will be forwarded to a single external multidrop mailbox. MailStore Server extracts the sender and recipient information from the email headers to assign them to the appropriate users. By using this type of mailboxes it is possible to archive all incoming and outgoing emails.
  
{{Archiving Multidrop_Mailbox|G Suite|Gapps_catchall_00.png|Gapps_catchall_01.png}}
+
{{Archiving Multidrop_Mailbox|Google Workspace|Gapps_catchall_00.png|Gapps_catchall_01.png|[[#Synchronizing_Users|directory synchronization]]}}
  
 
== Weblinks ==
 
== Weblinks ==
* {{MailStore Support}}
+
* [https://workspace.google.com/intl/en/ Google Workspace]
* [http://gsuite.google.com/ G Suite]
 
  
[[de:E-Mail-Archivierung von G Suite]]
+
[[de:E-Mail-Archivierung von Google Workspace]]
[[en:Archiving Emails from G Suite]]
+
[[en:Archiving Emails from Google Workspace]]

Latest revision as of 12:12, 22 July 2024

This implementation guide covers the specifics of archiving Google Workspace mailboxes. It is assumed that you already have a MailStore Server installation or test installation and are familiar with the fundamentals of MailStore Server. Please refer to the Manual or the Quick Start Guide for more information.

MailStore Server offers several ways to archive emails from Google Workspace mailboxes, which are described below. If you are not sure which archiving method best suits your company, please refer to the chapter Choosing the Right Archiving Strategy.

Since MailStore accesses user mailboxes via IMAP, IMAP access must be enabled for users in the Google Admin console.

Synchronizing Users

It is required to first set up a synchronization with Google Workspace as described in chapter Google Workspace Integration of the MailStore Server manual as the API credentials needed to configure archiving must first be created in the Google Workspace Integration configuration process.

Note that while Google Workspace uses it's own internal user database, this itself can be synchronized with external LDAP or Active Directory environments. Even if the Google Workspace directory is not the primary source of user account information, it is highly recommended to synchronize MailStore Server directly with Google Workspace to fetch all relevant information such as email addresses.

Archiving Individual Mailboxes

The following steps describe the setup of a single mailbox archiving profile by a MailStore administrator using a special service account.

Alternatively, non-admin users which have the Archive E-mail privilege, may archive their own Google Workspace mailbox by using the Gmail archiving profile in MailStore Server, where the mailbox owner explicitly authorizes MailStore Server to access his mailbox.

In MailStore Server Google Workspace archiving tasks are stored in archiving profiles. By following the procedure described here you can archive a single Google Workspace mailbox for a specific MailStore user. The archiving process can be executed manually or automatically. You can find further information about executing archiving profiles in chapter Email Archiving with MailStore Basics.


Please proceed as follows for each individual mailbox:

  • Make sure that you configured the service account as descibes in the Google Workspace Integration chapter of the MailStore Server manual.
  • Log on to MailStore Client as MailStore Server administrator. Only an administrator can archive emails via a Google Workspace Service Account.
  • Click on Archive Email.
  • From the Email Servers list in the Create Profile area of the window, select Google Workspace to create a new archiving profile.
  • A wizard opens to assist in specifying the archiving settings.
    Gapps mailbox 00.png
  • Select Single Mailbox and click on OK.
  • Configure the basic archiving settings. The JSON file generated by Google for the service account during the Google Workspace Integration configuration is also required for mailbox access.
    Gapps mailbox 01.png
    Fill out the following fields:
    • Email Address
      The email address of the user to be archived.
    • Key ID
      To import the private key, select the JSON file that has been generated by Google for the service account.
    • Service Account
      The service account is determined automatically from the JSON file.
    • Received and Sent
      The target folder in which MailStore Server will store received and send email.
    • Archive Spam
      Google Workspace spam folders are excluded by default, but can be archived by selecting this option.
    Important notice: MailStore Server will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore Server; as a consequence, the entire mailbox will be archived.
  • Click on Next.
  • If needed, adjust the filter and the deletion rules. By default, no emails will be deleted from the mailbox. The Timeout value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
    Gapps mailbox 02.png
  • Click on Next.
  • The Target Archive must be specified. Select the archive of the user for whom the selected mailbox is to be archived. If the user does not exist yet, click on Create a New User.
    Gapps mailbox 03.png
  • Click on Next.
  • In the last step, a name for the archiving profile can be specified. After clicking Finish, the archiving profile will be listed under Saved Profiles and can be run immediately or automatically, if desired.

More information on how to execute archiving profiles can be found under the topic Email Archiving with MailStore Basics.

Archiving Multiple Mailboxes Centrally

By following the procedure described here, multiple Google Workspace mailboxes can be archived without specific configuration for each MailStore Server user. The archiving process can be executed manually or automatically.

  • Make sure that you configured the service account as described in the Google Workspace Integration chapter of the MailStore Server manual.
  • Log on to MailStore Client as MailStore Server administrator. Only an administrator can archive emails via a Google Workspace Service Account.
  • Click on Archive Email.
  • From the Email Servers list in the Create Profile area of the window, select Google Workspace to create a new archiving profile.
  • A wizard opens to assist in specifying the archiving settings.
    Gapps mailboxes 00.png
  • Select Multiple Mailboxes and click on OK.
    Please note: To be able to archive multiple mailboxes, MailStore Server users along with their email addresses must exist in the MailStore Server user management. If this is not the case, MailStore Server will offer to set up and run the directory synchronization at this point. Once completed, the wizard will resume.
    Alternatively, you can cancel the wizard and create users manually as described the in chapter User Management.
  • Configure the basic archiving settings. The JSON file generated by Google for the service account during the Google Workspace Integration configuration is also required for mailbox access.
    Gapps mailboxes 01.png
    Fill out the following fields:
    • Key ID
      To import the private key, select the JSON file that has been generated by Google for the service account.
    • Service Account
      The service account is determined automatically from the JSON file.
    • Received and Sent
      The target folder in which MailStore Server will store received and send email.
    • Archive Spam
      Google Workspace spam folders are excluded by default, but can be archived by selecting this option.
    Important notice: MailStore Server will archive all mail contained within the selected mailbox, excluding Spam and Deleted messages. Due to the nature of how Google represents user defined labels in IMAP, they are not supported by MailStore Server, as a consequence, the entire mailbox will be archived.
  • Click on Next.
  • If needed, adjust the filter and the deletion rules. By default, no emails will be deleted from the mailbox. The Timeout value only has to be adjusted in specific cases. Please keep in mind that these settings apply to all mailboxes to be archived.
    Gapps mailboxes 02.png
  • Click on Next.
  • Select the users whose mailboxes are to be archived.
    Gapps mailboxes 03.png
    The following options are available:
    • All users with configured email address
      Choose this option to archive the mailboxes of all users who are set up, along with their email addresses, in MailStore's user management.
    • All users except the following
      Choose this option to exclude individual users (and thereby their Google Workspace mailboxes) from the archiving process, using the list of users below.
    • Only the following users
      Choose this option to include individual users (and thereby their Google Workspace mailboxes) in the archiving process, using the list of users below. Only the mailboxes of those users explicitly specified will be archived.
    • Synchronize with Directory Services before archiving
      If selected, the MailStore user list will be synchronized with the configured directory service before any archiving process is executed. This has the advantage that, for example, new employees will be created as MailStore users before archiving, so once the archiving process is executed, their Google Workspace mailbox is archived automatically as well. This option is especially recommended when the archiving process is to be executed automatically.
  • Click on Next.
  • In the last step, a name for the archiving profile can be specified. After clicking Finish, the archiving profile will be listed under Saved Profiles and can be run immediately or automatically, if desired.


Archiving Incoming and Outgoing Emails Directly

MailStore Server can archive all incoming and outgoing emails of all users within a Google Workspace email domain. Using this scenario it is possible to ensure a complete and compliant archive.

Basic Functionality

In Google Workspace, Google Mail can be configured to forward a copy of all incoming, outgoing or internal email traffic to an external mailbox.

There are two method for archiving these emails:

  1. Using MailStore Gateway (recommended)
    Use the free MailStore Gateway program that provides mailboxes that are suitable as target for the corresponding Google Workspace rules. Unlike using another 3rd party mailbox provider, this method ensures that emails remain unmodified and the important X-Gm-Original-To header is retained. MailStore Server is then configured to archive from the MailStore Gateway mailboxes at regular intervals.
  2. Using Another Mailbox Provider
    Use another provider's mailbox as target and configure MailStore Server to archive this so-called multidrop mailbox at regular intervals. The multidrop mailbox needs to be an external IMAP mailbox, that must not belong to the Google Workspace email domain because the Gmail duplicate detection would drop identical emails that have been addressed to several recipients. By using an internal Gmail mailbox completeness of the archive cannot be achieved. Futhermore, the receiving mailserver must not temper the email headers, especially not remove the X-Gm-Original-To header, and anti-virus and spam checking should also be disabled.


Whichever option has been chosen, the emails from the multidrop mailbox will be assigned to their respective MailStore users (i.e. their user archives) automatically. This means that each user is able to view only their own emails.

Method 1: Using MailStore Gateway

Step 1: Setup and Configure MailStore Gateway

Please refer to the MailStore Gateway Manual for detailed instructions about:

  • Installation and Setup of MailStore Gateway
  • Logging on to MailStore Gateway's Management Console
  • Creating MailStore Gateway mailboxes

After these steps, a mailbox with an individual email address (i.e. [email protected]) should exist.

Step 2: Configuring email forwarding for a Google Workspace email domain

Please proceed as follows:

  • Log on to your Google Workspace domain as an administrator.
  • Navigate to Apps > Google Workspace > Gmail .
  • Click on Advanced settings on the Settings for Gmail page.
  • In the General Settings tab, scroll down to Routing.
    GM routing 00 en.png
  • Click Configure or Add Another to create a new routing rule. A new window appears.
  • Enter a name and enable all checkboxes in the Messages to affect section.
    GM routing 01 en.png
  • Under Also deliver to, activate the Add more recipients option and Add an additional delivery recipient.
  • Select Advanced from the drop-down list.
  • Activate the Change envelope recipient option.
  • Enter the email address of the MailStore Gateway mailbox into the Replace recipient field.
  • Activate the Do not deliver spam to this recipient option if desired.
  • Activate the Suppress bounces from this recipient option.
  • Activate the Add X-Gm-Original-To header option.
    GM routing 02a en.png
  • Click on Save further down the window and then on Add setting for a new rule or Save when modifying an existing rule.
  • Click on Save in the footer bar.

Step 3: Setting up the Archiving Process

Setting up archiving processes for MailStore Gateway mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter Working with Archiving Profiles.

Before configuring MailStore Server, please make sure that a MailStore Server user account exists for each user whose emails are to be archived with the MailStore Gateway. Please refer to chapter User Management for more information.

Important notice: It is imperative that, in user management under Properties, the email address is specified for each user. This is the only way to make sure that the emails in the archive are assigned to the appropriate users.

Please proceed as follows:

  • Log on as MailStore Server administrator using MailStore Client.
  • In MailStore Server, click on Archive Email.
  • To create a new archiving profile, select MailStore Gateway Mailbox from the Email Server list in the Create Profile area of the application window.
  • A wizard opens that guides you through the setup process.

    Arch MailStore Gateway G Suite 01.png
  • Select Google Google Workspace and click OK.

    Please note: To be able to archive a MailStore Gateway mailbox, MailStore Server users along with their email addresses must exist in the MailStore Server user management. If this is not the case, MailStore Server will offer to set up and run the directory synchronization at this point. Once completed, the wizard will resume.
    Alternatively, you can cancel the wizard and create users manually as described the in chapter User Management.

  • Fill out the fields Host, Mailbox ID and Password. Click on Test to verify the data entered.

    If MailStore Gateway uses a TLS certificate from a certificate authority that is not trusted by the MailStore Server computer, the option Accept all certificates must be checked.

    Arch MailStore Gateway G Suite 02.png
  • Adjust any further settings such as how to handle emails with unknown addresses or asking MailStore Server to delete emails after they have been archived.

    Please note: If you are additionally archiving messages from the users mailboxes, you have to set the target folder names here to the folder names that match the names that were created by the user mailbox archiving profiles. Otherwise, additional or similar folders could be created in the users' archives. The folder names are case-sensitive.

  • If the option Synchronize with Directory Services before archiving is enabled, the MailStore Server user list will be synchronized with the configured directory service before the archiving process actually runs. This has the advantage that, for example, new employees will be created as MailStore Server users before archiving which enables MailStore Server to sort their emails into the correct archives.
  • Click on Next.
  • The timeout value only has to be adjusted on a case-by-case basis (e.g. with very slow servers or network connections).
  • Click on Next.
  • At the last step, select a name for the new archiving profile. After clicking on Finish, the archiving profile will be listed under Saved Profiles and can be run immediately or automatically, if desired.


Method 2: Using Another Mailbox Provider

Step 1: Configuring email forwarding for a Google Workspace email domain

Please proceed as follows:

  • Log on to your Google Workspace domain as an administrator.
  • Navigate to Apps > Google Workspace > Gmail > Settings for Gmail > Advanced settings.
  • In the General Settings tab, scroll down to Routing.
    GM routing 00 en.png
  • Click Configure or Add Another to create a new routing rule. A new window appears.
  • Enter a name and enable all checkboxes in the Messages to affect section.
    GM routing 01 en.png
  • Under Also deliver to, activate the Add more recipients option and Add an additional delivery recipient.
  • Select Advanced from the drop-down list.
  • Activate the Change envelope recipient option.
  • Enter the email address of the multidrop mailbox into the Replace recipient field.
  • Activate the Suppress bounces from this recipient option.
  • Activate the Add X-Gm-Original-To header option.
    GM routing 02 en.png
  • Click on Save further down the window and then on Add setting for a new rule or Save when modifying an existing rule.
  • Click on Save in the footer bar.

Step 2: Setting up the Archiving Process

The above settings will ensure that a copy of all emails will be forwarded to a single external multidrop mailbox. MailStore Server extracts the sender and recipient information from the email headers to assign them to the appropriate users. By using this type of mailboxes it is possible to archive all incoming and outgoing emails.

Setting up archiving processes for multidrop mailboxes is done using archiving profiles. General information about archiving profiles is available in chapter Working with Archiving Profiles.

Please proceed as follows:

  • Log on as MailStore administrator using MailStore Client.
  • In MailStore, click on Archive Email.
  • To create a new archiving profile, select Google Workspace from the Email Server list in the Create Profile area of the application window.
  • A wizard opens guiding you through the setup process.
    Gapps catchall 00.png
  • Select Multidrop Mailbox and click OK.
    Please note: To be able to archive a multidrop mailbox, MailStore Server users along with their email addresses must exist in the MailStore Server user management. If this is not the case, MailStore Server will offer to set up and run the directory synchronization at this point. Once completed, the wizard will resume.
    Alternatively, you can cancel the wizard and create users manually as described the in chapter User Management.
  • Fill out the fields Access via, Host, Username and Password. Click on Test to verify the data entered.

    For the TLS and SSL protocols only: If the certificate provided by the remote host cannot be verified (e.g. self-signed or signed by an unknown certificate authority), enable the option Accept all certificates to allow MailStore to establish a connection. As this option leads to an insecure configuration, warnings may appear in the summary and/or the dashboard.
    Gapps catchall 01.png
  • Adjust any further settings such as how to handle emails with unknown addresses or asking MailStore to delete emails after they have been archived. The latter option is especially sensible when dealing with mailboxes that are exclusively used for archiving.
  • The placeholders {u-email} or {h-email} can be used under Target Folders. {u-email} represents a user's primary email address and {h-email} is the email address found in the email header. Should a user have multiple aliases, using {h-email} will result in emails sent to different aliases of a user being archived in different folders, while using {u-email} will file all emails below the primary email address.

    Notice: If you are additionally archiving messages from the users mailboxes, you have to set the target folder names here to the folder names that match the names that were created by the user mailbox archiving profiles. Otherwise, additional or similar folders could be created in the users' archives. The folder names are case-sensitive.
  • If the option Synchronize with Directory Services before archiving is enabled, the MailStore user list will be synchronized with configured directory service before the archiving process actually runs. This has the advantage that, for example, new employees will be created as MailStore users before archiving which enables MailStore to sort their emails into the correct archives.
  • Click on Next.
  • The timeout value only has to be adjusted on a case-by-case basis (e.g. with very slow servers).
  • Click on Next.
  • At the last step, select a name for the new archiving profile. After clicking on Finish, the archiving profile will be listed under Saved Profiles and can be run immediately or automatically, if desired.


Weblinks