Sent Items Update
As signatures/disclaimers are added to sent emails directly on Exchange Server, they are not visible in the Sent Items folders of your mailboxes. To let you see signatures in the sent mail folders, CodeTwo Exchange Rules Pro is equipped with the Sent Items Update (SIU) feature that updates the sent messages, stamping them with signatures after they are processed by the program.
By default, the Sent Items Update service is disabled after a fresh installation and needs to be configured to start updating sent emails.
The Sent Items Update feature works as a separate Windows service which is installed during the setup of the program. It accesses user mailboxes and updates them according to your rules (for example, adds signatures). The update process usually takes a few seconds.
If an email is sent to many recipients, to whom different rules apply, the Sent Items folder will contain the copy of this email with the last rule (as defined on the rules list in Administration Panel) applied.
Example: a message contains both internal and external recipients, and you configured two signature-adding rules: one for internal and one for external correspondence. The internal rule is the last one (it is below the external rule on the list in the Administration Panel). In this configuration, the email visible in the Sent Items folder will be processed according to the rule for internal recipients (it will have the internal signature).
If you want to see all message versions in your Sent Items, according to the number of rules you defined, you need to turn on message splitting and configure the SIU service. Learn more
The SIU service runs under the Local System account and works independently of other CodeTwo services, using Windows Communication Foundation (WCF) to communicate with them. Users' mailboxes are accessed via Exchange Web Services (EWS) and this requires the software to use a real account's credentials to authenticate with EWS. For an on-premises setup, admins can either provide any existing, active user account credentials (e.g. if they have a dedicated service account or special accounts to be used with third-party software, want to use administrator's credentials or simply wish to create a new account on their own) or allow the software to create a new, dedicated user account automatically. When it comes to hybrid environments, the autoconfiguration option is not available and admins must provide the account credentials manually.
The Sent Items Update service is accessing a mailbox of an original sender in order to update a message. Therefore, if a message is sent by a distribution group or any other object that does not have a mailbox, it cannot be updated.
- must have a valid User Principal Name (UPN) assigned,
- must be a member of the Domain Users group,
- must be granted impersonation rights (see our Knowledge Base article on how to set impersonation rights manually),
- should be considered to be in a working condition, i.e. is not disabled, with valid password, etc.
- in the case of hybrid environments, the account must also be either a member of the Organization Management group or Exchange Organization Administrators group in Exchange Online / Office 365 (see our Knowledge Base article on how to add a user to the Organization Management group).
- Hybrid environments with ADFS are currently not supported. Single Sign-On (SSO)-enabled accounts can be used for the SIU configuration but must not use a federated domain address when configuring the service. Depending on the UPN address used for the Sent Items Update (SIU) service account, the SIU service will work either for mailboxes from on-premises servers (when a local, non-federated domain is used) or for mailboxes from Exchange Online servers (when Office 365 domain is used i.e. *.onmicrosoft.com).
- accounts that have multi-factor authentication enabled in Office 365 are currently not supported.
If you choose to go for the autoconfiguration option (available for on-premises setups only), an account fulfilling all the above requirements will be created automatically by the Sent Items Update configuration wizard. If you opt to assign the account manually, the software will only verify and, if necessary, add impersonation rights on its own.
Be aware that in any case, to properly configure the Sent Items Update service you must be logged on to the system with an account that is a member of the Domain Admins group. This is required as the software that runs under your account will attempt to assign impersonation rights or to create a new user, depending on how you configured it. For either of these two actions, the Domain Admin permissions are required.
To open the configuration wizard of the Sent Items Update, either click Settings on the program's toolbar, choose the Sent Items Update tab and click Configure, or choose the Click to change link in the upper right corner of the Administration Panel (Fig. 1.).
|Fig. 1. Opening the Sent Items Update configuration wizard.|
|Fig. 2. The Sent Items Update configuration wizard: environment type selection.|
Depending on the environment type you have in your organization, an appropriate option must be chosen. The next steps are similar for both: on-premises Exchange Server and hybrid environments, but some small, yet important differences exist, as described below.
Regardless of your environment type selection, in the next step of the wizard a method of connecting to your server will have to be defined. If you chose a hybrid environment or an on-premises server, but want to connect to your server from the same domain as the machine equipped with the program, there is not much to do: the Autodiscover mechanism will locate the server automatically (Fig. 3. and 4.).
|Fig. 3. The Sent Items Update configuration wizard: automatic connection to Exchange Server in a hybrid environment via the Autodiscover mechanism.|
|Fig. 4. The Sent Items Update configuration wizard: automatic connection to an on-premises server via the Autodiscover service.|
On the other hand, if you want to set up a connection to the server from a different domain, the Autodiscover mechanism will not work. Therefore, you need to enter the server's location manually (on-premises environments only). To do that, select Configure connection manually and enter the server's DNS name or IP address (Fig. 5.). The server's DNS name (which is the equivalent of the Fully Qualified Domain Name) consists of the server's name followed by the domain name, e.g. myserversname.domain.com.
|Fig. 5. The Sent Items Update configuration wizard: manual connection to an on-premises server.|
In the next window, enter the UPN of your server's administrator and the corresponding password. These credentials will be used by the Sent Items Update service to authenticate with and update emails via Exchange Web Services. Hybrid environment admins must choose an existing account that meets the requirements described in the wizard window (Fig. 6.).
|Fig. 6. The Sent Items Update configuration wizard: hybrid environment account setup.|
On-premises environment admins can either go for the auto-configuration option (Fig. 7.) that will create a new account on its own or choose an existing account manually (Fig. 8.).
|Fig. 7. The Sent Items Update configuration wizard: on-premises account automatic setup.|
|Fig. 8. The Sent Items Update configuration wizard: on-premises account manual setup.|
Make sure that the administrator has his UPN configured. Otherwise, the setup will not succeed.
To define the administrator's UPN, enter it manually or select it via the Browse button. If you click the Browse button, you will be able to pull the appropriate UPN from your Active Directory. Moreover, by clicking Locations you can pick the domain from which the on-premises server administrator's UPN will be taken (Fig. 9.).
|Fig. 9. Choosing a domain to be searched for the Administrator's UPN.|
Please note that the Browse button can only be used to list the UPN's of administrators from the same domain or different trusted domains. This option is not available with the untrusted domains. Therefore, if you want to select a UPN from an untrusted domain, you will have to type it manually.
On the other hand, in an on-premises setup, you may also use the second option that will create an account automatically as CodeTwoSiuAgent@[your domain] (Fig. 7.).
|Fig. 10. The Sent Items Update configuration wizard: final configuration window before granting and testing impersonation rights in hybrid setups.|
|Fig. 11. The Sent Items Update configuration wizard: final configuration window before granting and testing impersonation rights in an on-premises setup.|
If there were no issues with the configuration, the wizard will show a green-colored checklist of actions, as shown in Fig. 12. and Fig. 13.
|Fig. 12. The Sent Items Update configuration wizard: successful SIU configuration in a hybrid environment.|
|Fig. 13. The Sent Items Update configuration wizard: successful SIU configuration in an on-premises environment.|
Once the configuration is done, confirm it by clicking Finish. After the service is configured, a dialog box informing about successful configuration will appear (Fig. 14.).
|Fig. 14. Successful configuration of the Sent Items Update service.|
After successful configuration of the Sent Items Update, the service's settings will be enabled in the Program settings window (Fig. 15.).
|Fig. 15. Sent Items Update options.|
Once the Sent Items Update is configured on a given Administration Panel, there is no need to configure it on any other instance of the program within your organization as its configuration will be propagated automatically. The only thing you have to do is restart the other Administration Panels, and the SIU service will already be configured.
In the SIU settings window, the first two fields provide a general information about the service:
- Sent Items Update status - shows if the service is turned on/off. The button located to the right of this field may be used to switch the feature on or off at any point.
- Account - shows the account under which the service currently works. By clicking Change... you may reconfigure the service to work under a different account using the wizard.
Besides the status and account information, the Sent Items Update setting window offers three options related to the way the messages are updated in the Sent Items folder:
- Senders' scope,
- Create a copy of the original message when updating Sent Items,
- If message splitting is activated, apply changes to all split messages and save them in Sent Items.
This option allows you to define of users whose sent messages will be updated in the Sent Items folders. Once the Sent Items Update service is enabled, by default all of your mailboxes will be updated. However, you may change these settings and define the exact scope of mailboxes to be updated or excluded from the update. Click Change next to the Senders' scope field and the Scope of updated mailboxes window will open (Fig. 16.).
|Fig. 16. Changing the scope of updated mailboxes.|
If you decide to Update mailboxes from the list below only, only the chosen mailboxes will be updated. On the other hand, when selecting Update all mailboxes except the ones from the list below, all mailboxes will be updated except those added to the list. To add a user to either option, click the Add button and choose between your domain users and groups (Fig. 17.). To remove a user or group from the list, click Remove.
|Fig. 17. Changing the scope of mailboxes.|
This checkbox is not marked by default and enables to keep the original message in the Sent Items folder after it has been processed by CodeTwo Exchange Rules Pro. As a result, there will be two messages in this folder - the first is the message before processing, the second is the message after processing by the program.
If a message is addressed to multiple recipients who match different rules, the program will show all the messages in the Sent Items folder of a particular mailbox, as they have been split by CodeTwo Exchange Rules Pro on the server in order to deliver different footers to different recipients. Note that this option will be grayed out (Fig. 18.) if the Message splitting in Settings is not enabled.
|Fig. 18. The option to update all split messages is disabled.|
Errors during configuration
|Fig. 19. Failed configuration of the Sent Items Update service.|
These errors may be associated either with service's inability to locate your server or incorrect administrator account credentials entered in the Account credentials step. In such cases, go back to the appropriate steps of the wizard and make sure to enter your data correctly.
An error may also refer to the program’s inability to grant impersonation rights automatically, resulting in a failure to test these rights. In such a situation, you will be instructed (Fig. 20.) to assign impersonation rights manually.
|Fig. 20. Failure to grant impersonation rights.|
If the rights were successfully granted, but the wizard failed to test the rights automatically, you will be able to test them manually by clicking on the Failure link on the right. In the failure notification window, press click here and in the window that opens type or select one of your user accounts and click Test (Fig. 21.).
|Fig. 21. Testing of impersonation rights.|
If you use Microsoft Outlook, emails in your Sent Items folder might occasionally not be refreshed and displayed correctly. This is usually caused by Outlook's default behavior in the Cached Exchange mode, and is not related to the SIU service. See this article to learn how to solve this problem.
Tenants configurator - this article provides information on how to configure the program to allow different instances of the Administration Panel to manage rules for one particular sub-organization of your company only.
Message splitting - this article describes how to configure the program to update emails including signatures/disclaimers in the Sent items folder of a particular mailbox if a given message was sent to various recipients encompassed by different rules.