How to Configure Barracuda Load Balancer ADC with Barracuda Message Archiver for High Availability SMTP Journaling

By default, when journaling to a Barracuda Message Archiver from Microsoft Exchange, you must configure the send connector to send mail to one of the two units. If that unit goes down, you must manually change the send connector IP address to point to the other unit. This can potentially result in lost mail. If you have a Barracuda Load Balancer ADC and Barracuda Message Archiver in a High Availability (HA) setup, Barracuda Networks recommends using the steps in this article to configure the Barracuda Load Balancer ADC to handle the SMTP traffic and balance it accordingly.

Step 1. Configure the Barracuda Message Archiver

  1. Log in to the first Barracuda Message Archiver, and go to the Mail Sources > SMTP page.

  2. In the Trusted SMTP Servers section, enter the IP addresses of your Exchange Servers as well as the LAN IP address of your Barracuda Load Balancer ADC.

  3. Go to the Basic > IP Configuration page. In the TCP/IP Configuration page, update the Default Gateway to point to the LAN IP address of your Barracuda Load Balancer ADC.

  4. Click Save.

  5. Complete steps 1-4 in this section for the second Barracuda Message Archiver in the HA setup.

Step 2. Configure the Barracuda Load Balancer ADC

  1. Log in to your Barracuda Load Balancer ADC using your admin credentials, and go to the BASIC > Services page.

  2. In the left pane, click Add Service.

  3. In the name field, type: Barracuda_Message_Archiver_SMTP

  4. Select default as the Group, and from the Type drop-down menu, select TCP Proxy.

  5. In the IP Address field, enter an available internal IP address to be used for this service followed by port 25.

  6. Enter your network Netmask, and select the Interface.

  7. Click Create.

Step 3. Add the Barracuda Message Archivers to the Service

Once you create the service, add the two Barracuda Message Archivers as the real servers.

  1. Log in to your Barracuda Load Balancer ADC using your admin credentials, and go to the BASIC > Services page.

  2. Click Add Server.

  3. For the primary Barracuda Message Archiver, enter the device name in the Name field, and enter the IP Address followed by the Port number (25).

  4. Click Create.

  5. Click Add Server.

  6. For the secondary Barracuda Message Archiver, enter the device name in the Name field, and enter the IP Address followed by the Port number (25).

  7. Select Backup server.

  8. Click Create.

  9. Both the primary and backup Barracuda Message Archivers should now display in the Configured Servers table with a green checkmark icon in the Status field, indicating the real servers are up and responding to requests.

  10. Click Save Changes.
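
Before pointing the Exchange send connector at the service, it helps to confirm that the service IP and both real servers answer SMTP on port 25. The following PowerShell check is an added example, not Barracuda's code; the two archiver addresses are hypothetical placeholders, 192.168.1.100 is the example service IP this article uses later, and the check should be run from a host listed under Trusted SMTP Servers.

```powershell
# Added example: SMTP health check for the ADC service IP and both archivers.
# The archiver addresses are hypothetical placeholders; replace all three values.
$targets = [ordered]@{
    'ADC service IP'     = '192.168.1.100'   # example service IP used in this article
    'Primary archiver'   = '192.168.1.11'    # hypothetical
    'Secondary archiver' = '192.168.1.12'    # hypothetical
}

function Test-SmtpBanner {
    param(
        [Parameter(Mandatory)][string]$Address,
        [int]$Port = 25,
        [int]$TimeoutMs = 5000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Bounded connect so an unreachable unit does not hang the check.
        $async = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            return [pscustomobject]@{ Address = $Address; Up = $false; Detail = 'connect timeout' }
        }
        $client.EndConnect($async)

        $stream = $client.GetStream()
        $stream.ReadTimeout = $TimeoutMs
        $reader = New-Object System.IO.StreamReader($stream)
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.NewLine   = "`r`n"            # SMTP lines end in CRLF
        $writer.AutoFlush = $true

        $banner = $reader.ReadLine()          # expect a 220 greeting
        $writer.WriteLine("EHLO $env:COMPUTERNAME")
        $ehlo = $reader.ReadLine()            # first line of the 250 reply
        $writer.WriteLine('QUIT')

        $ok = ($banner -like '220*') -and ($ehlo -like '250*')
        [pscustomobject]@{ Address = $Address; Up = $ok; Detail = $banner }
    }
    catch {
        # Refused connections and read timeouts land here.
        [pscustomobject]@{ Address = $Address; Up = $false; Detail = $_.Exception.Message }
    }
    finally {
        $client.Close()
    }
}

foreach ($name in $targets.Keys) {
    $r = Test-SmtpBanner -Address $targets[$name]
    '{0,-20} {1,-15} Up={2}  {3}' -f $name, $r.Address, $r.Up, $r.Detail
}
```

Rerun the check with the primary archiver offline: the service IP should keep returning a 220 greeting, now served by the backup server.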

Step 4. Configure Journaling

Select your journaling deployment.

Configure Envelope Journaling for Microsoft Exchange Server 2013 and Newer - Standard

Microsoft Exchange allows a Journal recipient to be either a mailbox or contact. By using a contact with an email address that is part of a non-existent domain, you can create a send connector that uses SMTP to deliver journaled mail to the Barracuda Message Archiver. Use the steps in this article to configure Envelope Journaling.

Use the examples in this article to simplify troubleshooting. Note that you can cut and paste the shell commands directly from this article.

Step 1. Register Each Exchange Server as a Trusted SMTP Server

To ensure that archiving begins as soon as your Exchange Servers are configured to send journal copies, first register each Exchange Server that is in a Client Access Server (CAS) role as a Trusted SMTP Server with the Barracuda Message Archiver on the MAIL SOURCES > SMTP page in the web interface.

  1. Log in to the Barracuda Message Archiver web interface, and go to the MAIL SOURCES > SMTP page.

  2. In the Trusted SMTP Servers section, enter the details for each Exchange Server that is to journal directly to the Barracuda Message Archiver; click Add after entering the details for each Exchange Server, and then click Save.

Step 2. Create a Remote Domain From the Exchange Management PowerShell

The Remote Domain must not be your normal email domain. The remote domain must be a non-existent and non-routable/unresolvable domain from either inside or outside your organization (such as bma.int). This domain must be used for the email address of the Mail Contact that is to be the journaled message recipient.

Remote Domain
In previous versions of Exchange Server, the Exchange Management Console was used to create a Remote Domain; in Exchange Server 2013 the ECP/EAC has no analogous functionality so you must use PowerShell to create the Remote Domain.

To create a Remote Domain, you must enter a Name to describe the domain, and the actual Domain Name to use. In this example, bma.int is the "fake" Domain Name that is used. You can use bma.int or create your own "fake" Domain Name. Note that this Domain Name is used when creating the Mail Contact in Step 4. Create a Send Connector for the Remote Domain.

  1. Open the Exchange Management Shell

  2. Execute the following command to create the remote domain:
    New-RemoteDomain -DomainName bma.int -Name "Message Archiver Domain"

  3. Next, execute the following command to disable TNEF encoding and enable auto-forwarding:
    Get-RemoteDomain | Where {$_.DomainName -eq "bma.int"} | Set-RemoteDomain -TNEFEnabled $false -AutoForwardEnabled $true

  4. Enter the following command to verify the settings:
    Get-RemoteDomain | Where {$_.DomainName -eq "bma.int"} | Format-Table Name, DomainName, TNEFEnabled, AutoForwardEnabled

Step 3. Create a Recipient Mail Contact/Alternate Email Address

The Mail Contact is the account that is to act as a "holding location" for journaled messages. The email address associated with this account is the designated recipient and must be associated with a non-existent, non-routable dummy Domain Name created above in Step 2. Create a Remote Domain From the Exchange Management PowerShell. Use the following steps to create the Mail Contact:

  1. Log in to the Exchange Admin Center (EAC), and click recipients > contacts.

  2. Click the + symbol, and click Mail contact.

  3. In the new mail contact dialog box, enter the following details:

    1. First name – Type Barracuda

    2. Initials – Leave this field blank

    3. Last name – Type Journaling

    4. Display name – This field populates automatically

    5. Alias – Type BMA_Journaling

    6. External email address – Type bma_journaling@bma.int

  4. Click save.

Hide Contact from Global Address List

Barracuda Networks recommends hiding the mail contact from the Global Address List. You can use the following PowerShell command to hide the mail contact:

Get-MailContact | Where {$_.Name -eq "Barracuda Journaling"} | Set-MailContact -HiddenFromAddressListsEnabled $True

Enter the following command to verify the setting:

Get-MailContact | Where {$_.Name -eq "Barracuda Journaling"} | Format-table Name, HiddenFromAddressListsEnabled

Step 4. Create a Send Connector for the Remote Domain

To ensure proper mail flow, verify that the Barracuda Message Archiver send connector has a lower cost value than the send connector for outbound SMTP traffic.

To route journaled mail that is sent to the contact to the Barracuda Message Archiver, use the following steps to create a Send Connector for the Remote Domain:

  1. Log in to the EAC, click mail flow in the left pane, select send connectors at the top of the page, and then click the + symbol to create a new send connector.

  2. In the Name field, enter a name for the connector, and in the Type section, select Custom.

  3. Click next. In the Network settings page, select Route mail through smart hosts.

  4. Click next. In the add smart host page, type the service IP address configured in Step 2. Configure the Barracuda Load Balancer ADC, for example, type: 192.168.1.100

  5. Click save. The FQDN or IP address displays in the SMART HOST list; verify the address.

  6. Click next. In the Smart host authentication page, because authentication is not used on the smart host connection to the Barracuda Message Archiver, no changes are necessary; click next.

  7. In the Address space section, click the + symbol.

  8. In the Address Space page, enter the domain that matches the domain for the external email address used to create the journal contact, for example, bma.int (see Step 2. Create a Remote Domain From the Exchange Management PowerShell).

  9. The domain is added to the Address space list.

  10. Click next. In the Source server section, click the + symbol.

  11. Verify all of the appropriate Exchange Servers are listed; click add to add additional servers.

  12. Click ok. In the Source server page, the selected servers display.

  13. Click finish. The new send connector displays as enabled in the send connectors list.

  14. Click the Edit icon to edit the Send Connector properties. From the Maximum send message size (MB) drop-down list, select unlimited, and then click save.

Step 5. Set Up Mailbox Database Journaling

Use the following steps to set up mailbox database journaling:

Important

 You must complete all of the steps in this section for each Exchange Email Database.

  1. Log in to the EAC, click servers in the left pane, select database at the top of the page, and then click the Edit icon to edit the database properties.

  2. In the Properties page, click maintenance in the left pane.

  3. In the maintenance page, click browse following the Journal recipient field.

  4. Navigate to and select the destination location for journaled messages, for example, journal@bma.int.

  5. Click ok to select the journal message recipient. The recipient displays in the maintenance page.

  6. Click save to save your settings.

The configuration is now complete and journaled mail is forwarded to the Barracuda Message Archiver. Log in to the Barracuda Message Archiver, and go to the BASIC > Search page in the web interface to verify that new mail is being processed. Note that it may take up to 30 minutes before journaled mail is available in the search results.

Barracuda Networks recommends hiding the Journal Contact, as well as any mailbox set up for undeliverable journal reports, from the Global Address List (GAL) so that mail is not sent directly to these accounts.
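
The settings from Steps 2 through 5 of the Standard deployment can be checked in one pass from the Exchange Management Shell. The following read-only audit is an added example, not Barracuda's code; the function names are hypothetical, the values are this article's examples, and it assumes address spaces and sizes render as strings such as "SMTP:bma.int;1" and "Unlimited".

```powershell
# Added example: read-only audit of the Standard journaling setup.
# Run in the Exchange Management Shell; values mirror this article's examples.
$JournalDomain = 'bma.int'
$ContactName   = 'Barracuda Journaling'
$SmartHost     = '192.168.1.100'   # ADC service IP (article's example value)

$results = New-Object System.Collections.Generic.List[object]
function Add-Check([string]$Item, [bool]$Pass, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Item; Pass = $Pass; Detail = $Detail })
}
function Get-SpaceCost($Connector, [string]$DomainPattern) {
    # Assumption: an address space renders as "SMTP:<domain>;<cost>".
    foreach ($s in $Connector.AddressSpaces) {
        if ("$s" -match "^(?:\w+:)?$DomainPattern;(\d+)$") { return [int]$Matches[1] }
    }
}

# Step 2: remote domain exists, TNEF off, auto-forward on.
$rd = Get-RemoteDomain | Where-Object { $_.DomainName -eq $JournalDomain }
Add-Check 'Remote domain present' ([bool]$rd) $JournalDomain
if ($rd) {
    Add-Check 'TNEF disabled' ($rd.TNEFEnabled -eq $false) "TNEFEnabled=$($rd.TNEFEnabled)"
    Add-Check 'Auto-forward enabled' ($rd.AutoForwardEnabled -eq $true) "AutoForwardEnabled=$($rd.AutoForwardEnabled)"
}

# Step 3: journal contact uses the dummy domain and is hidden from the GAL.
$mc = Get-MailContact | Where-Object { $_.Name -eq $ContactName }
Add-Check 'Journal contact present' ([bool]$mc) $ContactName
if ($mc) {
    $addr = "$($mc.ExternalEmailAddress)"
    Add-Check 'Contact in journal domain' ($addr -like "*@$JournalDomain") $addr
    Add-Check 'Contact hidden from GAL' ([bool]$mc.HiddenFromAddressListsEnabled) ''
}

# Step 4: send connector for the journal domain routes to the ADC service IP
# and costs less than the outbound ("*") connector.
$dom = [regex]::Escape($JournalDomain)
$all = @(Get-SendConnector)
$jc  = $all | Where-Object { $null -ne (Get-SpaceCost $_ $dom) } | Select-Object -First 1
Add-Check 'Journal send connector present' ([bool]$jc) "$($jc.Name)"
if ($jc) {
    $jCost = Get-SpaceCost $jc $dom
    $oCost = $all | ForEach-Object { Get-SpaceCost $_ '\*' } | Measure-Object -Minimum
    Add-Check 'Connector enabled' ([bool]$jc.Enabled) ''
    Add-Check 'Smart host is ADC service IP' ("$($jc.SmartHosts)" -like "*$SmartHost*") "$($jc.SmartHosts)"
    Add-Check 'Max message size unlimited' ("$($jc.MaxMessageSize)" -eq 'Unlimited') "$($jc.MaxMessageSize)"
    if ($oCost.Count -gt 0) {
        Add-Check 'Cost lower than outbound' ($jCost -lt $oCost.Minimum) "journal=$jCost outbound=$($oCost.Minimum)"
    }
}

# Step 5: every mailbox database has a journal recipient.
foreach ($db in Get-MailboxDatabase) {
    Add-Check "Journal recipient on $($db.Name)" ([bool]$db.JournalRecipient) "$($db.JournalRecipient)"
}

$results | Format-Table -AutoSize
```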

Configure Envelope Journaling for Microsoft Exchange Server 2013 and Newer - Premium

Microsoft Exchange allows a Journal recipient to be either a mailbox or contact. By using a contact with an email address that is part of a non-existent domain, you can create a send connector that uses SMTP to deliver journaled mail to the Barracuda Message Archiver. Also see Understanding SMTP Forwarding and Trusted Servers.

Excluding Health Monitor Alerts

By default, Health Monitor Alerts are automatically journaled in Exchange 2013. To exclude these alerts from journaling, refer to the Microsoft support article Managed Availability messages are journaled in Exchange Server 2013.

Use the examples included in this article to simplify troubleshooting. Note that you can cut and paste the shell commands directly from this article.

Step 1. Register Each Exchange Server as a Trusted SMTP Server

To ensure that archiving begins as soon as your Exchange Servers are configured to send journal copies, first register each Exchange Server that is in a Client Access Server (CAS) role as a Trusted SMTP Server with the Barracuda Message Archiver on the MAIL SOURCES > SMTP page in the web interface.

  1. Log in to the Barracuda Message Archiver web interface, and go to the MAIL SOURCES > SMTP page.

  2. In the Trusted SMTP Servers section, enter the details for each Exchange Server that is to journal directly to the Barracuda Message Archiver; click Add after entering the details for each Exchange Server, and then click Save.

Step 2. Create a Remote Domain From the Exchange Management PowerShell

The Remote Domain must not be your normal email domain. The remote domain must be a non-existent and non-routable/unresolvable domain from either inside or outside your organization (such as bma.int). This domain must be used for the email address of the Mail Contact that is to be the journaled message recipient.

Remote Domain

In previous versions of Exchange Server, the Exchange Management Console was used to create a Remote Domain; in Exchange Server 2013 the ECP/EAC has no analogous functionality so you must use PowerShell to create the Remote Domain.

To create a Remote Domain, you must enter a Name to describe the domain, and the actual Domain Name to use. In this example, bma.int is the "fake" Domain Name that is used. You can use bma.int or create your own "fake" Domain Name. Note that this Domain Name is used when creating the Mail Contact in Step 4. Create a Send Connector for the Remote Domain.

  1. Open the Exchange Management Shell

  2. Execute the following commands to create the remote domain; the second command ensures TNEF encoding is disabled and auto-forwarding is enabled:
    New-RemoteDomain -DomainName bma.int -Name "Message Archiver Domain"
    Get-RemoteDomain | Where {$_.DomainName -eq "bma.int"} | Set-RemoteDomain -TNEFEnabled $false -AutoForwardEnabled $true

  3. Enter the following command to verify the settings:
    Get-RemoteDomain | Where {$_.DomainName -eq "bma.int"} | Format-Table Name, DomainName, TNEFEnabled, AutoForwardEnabled

Step 3. Create a Recipient Mail Contact/Alternate Email Address

The Mail Contact is the account that is to act as a "holding location" for journaled messages. The email address associated with this account is the designated recipient and must be associated with a non-existent, non-routable dummy Domain Name created above in Step 2. Create a Remote Domain From the Exchange Management PowerShell. Use the following steps to create the Mail Contact:

  1. Log in to the Exchange Admin Center (EAC), and click recipients > contacts.

  2. Click the + symbol, and click Mail contact.

  3. In the new mail contact dialog box, enter the following details:

    1. First name – Type Journal

    2. Initials – Leave this field blank

    3. Last name – Type Contact

    4. Display name – This field populates automatically

    5. Alias – Type JournalContact

    6. External email address – Type journal@bma.int

  4. Click save. The new contact displays in the contacts list.

  5. In the EAC, click recipients in the left pane, select mailboxes at the top of the page, and click the + symbol to create an alternate journaling mailbox.

  6. In the new user mailbox page, enter details for the alternate journaling mailbox.

  7. Click save. The new mailbox displays in the mailboxes list.


Hide Alternate Contact from Global Address List

Barracuda Networks recommends hiding the alternate mail contact from the GAL; to do so, with the new mailbox still selected, click the Edit icon. In the general page, turn on Hide from address lists.

Step 4. Create a Send Connector for the Remote Domain

To route journaled mail that is sent to the contact to the Barracuda Message Archiver, use the following steps to create a Send Connector for the Remote Domain:

  1. In the EAC, click mail flow in the left pane, select send connectors at the top of the page, and then click the + symbol to create a new send connector.

  2. In the Name field, enter a name for the connector, and in the Type section, select Custom.

  3. Click next. In the Network settings page, select Route mail through smart hosts.

  4. Click next. In the add smart host page, type the service IP address configured in Step 2. Configure the Barracuda Load Balancer ADC, for example, type: 192.168.1.100

  5. Click save. The FQDN or IP address displays in the SMART HOST list; verify the address.

  6. Click next. In the Smart host authentication page, because authentication is not used on the smart host connection to the Barracuda Message Archiver, no changes are necessary; click next.

  7. In the Address space section, click the + symbol.

  8. In the Address Space page, enter the domain that matches the domain for the external email address used to create the journal contact, for example, bma.int (see Step 2. Create a Remote Domain From the Exchange Management PowerShell).

  9. The domain is added to the Address space list.

  10. Click next. In the Source server section, click the + symbol.

  11. Verify all the Exchange Servers that are in the CAS role are listed; click add to add additional servers.

  12. Click ok. In the Source server page, the selected servers display.

  13. Click finish. The new send connector displays as enabled in the send connectors list.

  14. Click the Edit icon to edit the Send Connector properties. From the Maximum send message size (MB) drop-down list, select unlimited.

  15. Click save.

Step 5. Create a Journal Rule

Use the following steps to set up a journal rule:

  1. Log in to the Microsoft Purview compliance portal, navigate to Solutions > Data lifecycle management > Exchange (legacy) > Journal rules, and then select + New rule.

  2. On the Define journal rule settings page, provide a name for the journal rule and then configure the following options:

