Frequently Asked Questions

Business Questions


How Scalable is MailArchiva? Does it work in large enterprise environments?


MailArchiva is optimized to cater for heavy work loads and larger archives. Big companies and government entities around are using MailArchiva successfully.


What ever happened to MailArchiva Open Source Edition?


We stopped working on it many years ago. The reason being, we needed to license various third party commercial libraries, and the  third party vendors wouldn't allow us to do so if we continued to offer MailArchiva as an open-source solution.


Why did you take the decision to offer MailArchiva On Premise for free for less than 10 mailboxes?


It's part of our marketing strategy. Our long-term goal is to try and get as many companies using our software as possible. We want them to experience the power and benefits of the product. When they eventually grow to become a sizeable company, they will hopefully approach us for a commercial license.


Can I still get commercial support if I am using MailArchiva On Premise and have less than twenty mailboxes?


Yes you can, but you'll need to purchase MailArchiva On Premise for a minimum of 10 mailboxes.


Technical Questions


MailArchiva queue folder has many entries inside it.


Please upgrade your server to the latest version. Recent versions have the ability to restrict the queue size to a user-defined value (specified in Configuration->Archive).


The import of large PST files is slow. How can I speed things up?


MailArchiva uses third party libs to parse PST files. They sometimes use quite a lot of memory when processing large PST files. Thus, try increasing the amount of heap space available to the server.


My server's CPU is unusually high even though MailArchiva is not fully loaded.


This situation can also occur if too much heap space is allocated to MailArchiva. In this case, set the maximum heap space to 6G. Alternatively, please upgrade to the latest version to see if the problem is resolved. If not, contact us for a resolution.


I accidently sent 1000’s of archived emails to myself, and I am trying to stop sending them now, but the process will not stop. How do I stop it from continuing to send more archived emails to me?


Stop the server and delete the smtp queue directory. They are usually located /var/opt/mailarchiva/ROOT/queue/smtpclient/* (Linux) and C:\ProgramData\MailArchiva\ROOT\queue\smtpclient\* (Windows). Thereafter, start the server again.


Is there a way, with the MailArchiva Cloud, to import all the mail from an On-Premise Exchange Server?

Yes, it is possible. Direct import is available from both MS Exchange and Office 365. See$exchangeimport for direct import instructions from Microsoft Exchange. To import from a remote Exchange server, port forward ports 389, 135, 49670 and 49667 from the On Premise Active Directory server to Also, when defining AD authentication, uncheck DNS lookups, and specify the port forwarded external IP address of the customer's AD server. Before performing an Exchange import, be sure to upgrade to the latest patch release of MailArchiva.


How do I import / migrate emails into MailArchiva?


MailArchiva is capable of importing from EML, PST, MBOX, OST, direct Exchange import, direct GSuite, etc. For importing of PST files, the easiest is to copy the PST data to a couple of folders on the server, and use the Import from server feature to import the data. In regards to Exchange import, you would simply configure the Exchange connection, and then perform a direct import from MS Exchange. In the latter case, MailArchiva connects to Exchange web services API, scans all mailboxes, and imports the data to the archive. The product is available for use while imports are occurring. Once MailArchiva is connected to Exchange, to import data from Exchange, it is a simple matter of clicking Import, choosing the Exchange connection, and clicking the import button. It is possible to specify which mailboxes you want imported in the import dialog. 


How to export all mail associated with an email address?


Login to the MailArchiva console as admin, click Configuration->General->Limits tab. Increase Max Selection and Export limits to max. Go to Search. In the search box, type "" (while substituting the email with the desired user's email). Click Select All. Then click Export and choose a suitable export format. Click Export.


Why does MailArchiva use two connections to MS Exchange, and what are they used for?


There are two Exchange connections.

1) SMTP Listener: MailArchiva is configured to receive journaling traffic from MS Exchange on the SMTP interface. This connection is used for communicating emails only.
2) Exchange Client Connection: MailArchiva connects to Exchange server via Exchange web services (REST) interface. The purpose of this connection is to synchronize folders, calendars and contacts (since this information cannot be obtained by the usual SMTP interface).


I have a server where Mailarchiva is installed and all the "X" mails are loaded into it, I can create multiple users who access it but if I want to upload "Y" mails, how can I make sure that the mails do not mix?


MailArchiva is not akin to a mail server where emails associated with different mailboxes are stored separately. All imported data is stored in one giant repository. Afterwards, when users login into the system, they are assigned a role with a view filter that defines which emails the users can see in the search results. For example, the user role by default has a view filter of %email%. This macro is replaced with the user's email address obtained from an authentication server (e.g. Active Directory, Azure) at the time of login. If a user is assigned the Auditor role, then by default there is no filtering applied (meaning they can see all emails) as Auditor role view filter is empty. If basic authentication is used, then the user's email address for filtering purposes is obtained directly from MailArchiva's users.xml file in the config path.


When logged in as Administrator and trying to perform a search I received the error below in red, at the top of the Mail Archiva interface “Search Access is Denied. User has no email address”. Why?


When the user logs in, if Active Directory authentication is enabled, the email address of the user is retrieved from proxyAddresses LDAP field in Active Directory. Some users may not have email addresses. For example, it is common for admin users not to have an exchange mailbox associated with them, but for the account to still exist in AD. In this case, the standard behaviour of MailArchiva is to allow the user access to the system, but not allow the user to search. If you have AD authentication enabled in Configuration->Logins, then most likely the admin user doesn't have a mailbox associated. If you want to search all users, then you could edit the Administrator role in Configuration->Roles, and clear out the view filter. Save, and attempt to search again. This will show all mail to all users.


I've setup Office 365 to put journal mail into MailArchiva On-Premise but its not working. Why?


To get O365 to communicate with MailArchiva, create an SMTP listener in MailArchiva in Configuration->Listeners to listen on port 25, and ensure that port 25 is forwarded on your firewall to the MailArchiva server, and that an A record has been created on the company public DNS (e.g. archiva) that points to this external IP address. MailArchiva's SMTP server should be accessible via the terminal from outside your network, by typing "telnet 25". if a response is not received, it means either port 25 is not forwarded correctly, there is a firewall is blocking the communications, or MailArchiva is not listening on the port. When creating the journal rule in Office 365, use the email address equivalent to where resolves to the external IP address from which port 25 is forwarded on your firewall. Furthermore, O65 requires a StartTLS secured connection to be able to communicate. Thus, it is necessary to import a certificate in MailArchiva signed by a trusted public CA such as Verisign (i.e. not a self-signed one). FYI: The same certificate can be used for both securing the console (i.e. HTTP/S) and for SMTP purposes.  Once the certificate is installed, in the SMTP listener created earlier, set connection mode to "TLS", in the certificate authentication field, select "MailArchiva certificate store" and select the imported certificate in the SMTP listener.  Feel free to experiment with "authenticate client certificates" enabled/disabled.


Why aren't subjects used as filenames in exports?


Once upon a time, we used subjects as a filename, but switched away from that approach years ago due to the problems that ensued as a result. Subjects tend to contain characters in them that do not comply with  the acceptable character requirements imposed by the various file systems. When adding a subject as a filename, one has to account for the fact that there are duplicate subjects. The system, therefore, needs to check whether the file exists or not prior to writing the file. Believe it or not, this extra "exists" check slows down the export process because an additional I/O operation must be performed on the export of each document. Some customers perform exports of 100k emails at a time. Performance is critical for them. Furthermore, when writing a file, it becomes necessary to strip out the illegal characters from the filename. This issue is compounded by the fact that different filesystems accept different character sets in a filename. In many cases, after stripping the combined intersection of all illegal characters across all filesystems, one may be left with a husk of a filename that increases the likelihood of filename conflicts with other files already written to disk. To avoid conflicts, it is then necessary to append a numeric sequential suffix to the filename. Ultimately, the suffixes can get into the thousands. You end up with filenames such as  "123233.eml", " 123234 .eml", etc.  Totally meaningless. To top it off, the extra exists check, and appending of a numeric suffix requires that threads are synchronized, and it impacts parallelism, ultimately reducing the performance of the export. I understand that micro-companies might find it convenient to use filename's as subjects, but for bigger companies with big exports, it doesn't work for the reasons outlined above. 


How do I verify which message a user views in the audit log?


If viewing the audit log from Audit section in the MailArchiva UI, it is possible to simply click on the relevant audit entry row to view the associated message. This only works if the message is still present in the store. If viewing from audit CSV data or some other print out, you can copy the ID of the message from the table row, and on the MailArchiva Search page, enter the query:


Where deb5b970c0fc06c49cf4a42c6d1e2641 is the ID of the message and click Search. If the message is present in the store, the search results should bring up the relevant message.


Why is there a need to create an SMTP client connection? Do I need to specify a username and password?

An SMTP client connection in Configuration->Connections needs to be created so that MailArchiva and its users can send emails using your mail server. Ideally, username, password credentials should be specified, so that the connection is authenticated by your mail server. When sending unauthenticated traffic via a mail server, there are often additional checks applied, such as DKIM, SPF, reverse host name lookups. These checks will typically fail if sending from MailArchiva using an unauthenticated connection.


How do I mount an old volume from a legacy version of MailArchiva?

Verify that the source import volume has a text file called volumeinfo (indicating volume ID, volume status, etc.) at the root of the volume's store path. Click Import Volume, enter store and index path location of existing volume. Click Save, then Mount. If successful, the status of the volume should change from UNMOUNTED to either CLOSED or ACTIVE. 


Please remember that volume stores are encrypted, and if you install a new copy of MailArchiva with a different encryption password, then the volume will not mount. In this case, restore your server.conf file from backup, copy it to the correct location on the server and install the latest version of MailArchiva. The new version should pick up the old configuration and allow you to mount the old volumes.


Refer to Move Server for the correct paths where the server.conf should be located. Depending on how old your volumes are, you may also need to reindex your volumes by clicking on the Reindex button in Configuration->Volumes.


When copying volumes from old MailArchiva V2 servers, it is best to copy the contents of volume store directories but not indexes. The reason being, MailArchiva V2 indexes will not be compatible with the latest version of MailArchiva. If the latest version of MailArchiva starts up, if it cannot read a volume index, the license check will report as invalid due to the presence of an unrecognizable/corrupted index. Therefore, when copying volumes created by MailArchiva V2, it is imperative to copy only the volume store directories. When importing an old volume, point its index path to an empty directory (.e.g. C:\index\index25). The index will be created afresh once the volume has been added. Thereafter, reindex the affected volume to recreate the volume's index.


How can I reset my encryption passphrase if it is forgotten?

There is unfortunately, no way to reset the encryption passphrase if lost. Be sure to backup your server.conf in /etc/opt/mailarchiva/ROOT or C:\ProgramData\MailArchiva\ROOT\conf\. If you lose this file, the data will be lost.


How to secure the webconsole with HTTP/S if having lost/forgotten the encryption passphrase?

Normally, one requires the encryption passphrase to generate the secret to the MailArchiva keystore and refer to it when enabling HTTP/S in Tomcat. If the encryption passphrase is forgotten/lost, to get HTTP/S working, one can create a new separate Java key store using Key Store Explorer (see:, import certificates & key and set both key entry and store password to the same password. Edit the Tomcat 443 connector in Tomcat server.xml, specify the location and password to the new key store and the correct alias where the certificate and key reside. Restart MailArchiva. Although the key store will not be editable inside MailArchiva, Tomcat app server will be able to use the newly-created separate keystore. Refer to Secure Access and Certificates for more info.


How to archive to a private S3 object storage server using its own in-house certificate?


MailArchiva uses the JClouds framework to write data to S3 storage. JClouds references the standard Java Runtime (JRE) certificate store. Add the required CA certificate to the default Java keystore located at /opt/mailarchiva/jre64/lib/security/cacerts. For instance:

/opt/mailarchiva/jre64/bin/keytool -import -trustcacerts -alias ca1 -file C:\temp\ca1.cer -keystore /opt/mailarchiva/jre64/lib/security/cacerts

When prompted Enter keystore password:, enter "changeit".
By default keystores have a password of "changeit"

When prompted Trust this certificate? [no]:, enter "yes".

This imports the certificate into the keystore and displays the message: "Certificate was added to keystore" where ca1.cer contains the CA certificate. If there is more than one CA certificate, use a different alias such as ca2, and so forth.

Restart MailArchiva for changes to take effect.



© 2005 - 2024 ProProfs

Found this information useful? Visit to learn more about MailArchiva.