Several years ago, another reviewer at TechGenix reviewed MailStore Server. That review, which was written about four years ago, pertained to version 10. A lot has changed since that first review. In fact, MailStore recently released version 13.1 of its MailStore Server.
For this review, I wanted to look at some of the major features that have been released since version 10. Space limitations will prevent me from covering every feature, but there are several new features that I want to review.
Introduction to MailStore Server
For those who might not yet be familiar with MailStore Server, it is an email archiving solution designed to work with a variety of different email platforms. While it is true that some of the better messaging platforms do have archiving capabilities of their own, MailStore Server is very feature-rich and goes well beyond the native capabilities found in most platforms. Perhaps more importantly, because MailStore Server is separate from the messaging platform itself, it offers an extra isolation boundary for the archived data. This is obviously important from a security standpoint, but it also eliminates the problem of having message archives count against your mailbox quotas while also reducing the workload of the messaging servers themselves. If you haven’t already, I would highly encourage you to check out the original MailStore review.
Retention policies
One of the first features that MailStore added following the initial review was retention policies, which were introduced in version 11. Retention policies are an absolute must-have for any organization required by law to retain messages for a specific length of time. As you can see in the screenshot below, retention policies are just one of several compliance-related features found in MailStore Server. Some of the others include legal hold and auditor access.
MailStore Server’s retention policies allow you to control how long messages are kept within the archives before they can be deleted. Incidentally, you can enable the automatic deletion of messages whose retention period has expired, but the software does not force you to delete old messages.
As you can see in the next screenshot, setting up a retention policy is easy and intuitive. You can apply retention policies to all messages or to messages that meet specific criteria, such as having a specific subject line or being sent by a particular user. The retention period can be expressed in days, weeks, months, or years. As previously noted, you can opt to automatically delete a message at the end of its retention period.
Although you can create a single retention policy that applies to all messages, you can also create policies that are far more granular. When doing so, you have the option of assigning priorities to your retention policies so that higher priority policies take precedence over lower priority policies in the event that multiple policies apply to a message.
GDPR compliance
One of the big improvements in MailStore Server version 12 was GDPR certification through an audit by independent data privacy experts. I don’t want to spend a lot of time talking about GDPR certification because there are some other things that I want to talk about, but GDPR certification is extremely important for organizations within the European Union or for non-European organizations that do business in the European Union.
It’s also worth noting that GDPR compliance is just one way in which MailStore is focusing on security. In fact, the company has adopted a “secure by default” philosophy. In accordance with this philosophy, MailStore has incorporated numerous security features such as a fully encrypted database and TLS encryption for both inbound and outbound traffic. MailStore has published a list of the security mechanisms that they have introduced to make their product as secure as possible. You can find this list here.
Let’s Encrypt TLS certificates
Another important feature introduced in version 12 was support for Let’s Encrypt certificates. For those who might not be familiar with Let’s Encrypt certificates, Let’s Encrypt is a non-profit certificate authority that provides free TLS certificates to websites and applications. Given how pricey some of the certificate authorities can be, it’s nice to have a free option.
It’s worth noting that MailStore Server has done more than just add support for free certificates. You can actually perform the entire certificate request process from within the MailStore Server Service Configuration console, as shown in the screenshot below. This makes the process of requesting, acquiring, and deploying the certificate super easy.
Modern authentication
The most significant change that MailStore introduced in version 13 was support for modern authentication (the OAuth2 and OpenID Connect protocols). These protocols allow MailStore Server to work with Microsoft 365 and Google Workspace (formerly known as Google G Suite) without having to rely on less secure, legacy authentication protocols. This also means that if you have multifactor authentication enabled for your Microsoft 365 environment, that multifactor authentication will also extend to MailStore Server.
Incidentally, MailStore Server works with much more than just Microsoft 365 and Google G Suite. As you can see in the screenshot below, MailStore Server works with a variety of email servers.
While I am on the subject of Microsoft 365, MailStore has also created a collection of dedicated archiving profiles for Microsoft 365. These profiles make it a lot easier for admins to set up archiving for Microsoft 365 environments because they can opt to use one of the prebuilt profiles shown in the screenshot below rather than having to build a profile from scratch.
MailStore Server Version 13.1
The most recent version of MailStore Server is 13.1. As the version number implies, this version represents a minor upgrade from version 13. Even so, this new version contains an important feature — native support for the Active Directory Federation Services (ADFS). This means that organizations using ADFS in conjunction with their Microsoft Active Directory or with an LDAPv3 directory service can take advantage of modern authentication even if they aren’t using Microsoft 365 or Google Workspace.
The documentation
One last thing that I wanted to mention before concluding this review: Over the course of evaluating the features discussed in this review, I had to consult the documentation a few times. In doing so, I found the documentation to be well written and MailStore arranged the documentation in a way that made it easy to find exactly what I was looking for.
The verdict
When I write a review for TechGenix, I always conclude the review by giving the product a score ranging from zero to five stars, with five stars being a perfect score. In the case of MailStore Server, I find myself in a somewhat unique position.
Those of you who have read some of my other product reviews know that I do not like to give perfect scores. I have occasionally given a perfect score for a product that is truly exceptional, but most of the products that I have reviewed are not perfect.
In the case of MailStore Server, the product was originally reviewed by another TechGenix author, who gave MailStore Server a perfect score of five stars. I have no reason to believe that this score was undeserved, but because I did not start the review process from scratch, I have not validated all of the product’s core features for myself. Even so, there is no denying that with all of its new features, MailStore Server has gotten better since the original review was written, so it seems only fair for the perfect five-star score to remain.
Rating: 5/5
As previously discussed, there are way too many new features to cover all of them in a review. You can find the feature announcements for the various versions of MailStore Server on these pages:
