ArchiveOne Enterprise, all versions
When performing an archive search for items where 'To contains "Admin"', why do I get every message returned from the archive?
When an item is archived, ArchiveOne will try to index information from the following sources for the To, From, CC and BCC fields of a message:
*the user's display name (if available)
*the user's SMTP address (if available)
*the DN of the user (if available)
This data is indexed to provide consistency of information, and to allow the user to search on this field if one or more of those values cannot be determined.
When performing an archive search, the service checks the index for each of the above three values and returns matched messages if the string is in any one of these. For example, if you archive a message sent to email@example.com, the information present in the various sources that we index the data from (and therefore, the values that are searched against) would be:
*Display name: "User 1"
*SMTP address: User1@yourdomain.com
*DN: "/o=QADom-Org/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=user1"
As can be seen from the above example, although "Admin" does not appear in the display name or the SMTP address for the user, it does appear in the DN for the user (as part of the Administrative Group name). Therefore searching "To" for 'Contains "Admin"' will return every archived message to every user in your environment. To avoid this, you will have to be more specific with your search criteria.
Link To This Page: