In essence, stubbing is an archiving mechanism where attachments and the body of an email are stripped from the...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
message. The email application retains only the header and a stub file, or link within the message. The actual message and attachment are stored in a separate archive. In GroupWise, a Novell Inc. software product that offers email, for example, the user database stores the message header information, and the message database holds the messages' content and small attachments. Larger attachments are stored as binary large objects (BLOBs) in a directory. Removing storage-intensive attachments means a much smaller message store. This improves overall system performance and allows administrators to more efficiently manage backups and scheduled maintenance while keeping the entire message accessible to the end-users.
A recent Microsoft white paper on email security recommended that large-enterprise Exchange users provide larger email boxes while moving old emails to a third-party email archiving product. The company's argument is that the volume and size of email continues to increase daily, and end users who have to spend time everyday trying to manage a mailbox with a low maximum volume are not going to be productive. Also, people will try to circumvent restrictions leading to further problems. Over time, an email inbox can get quite large, with tens of thousands of emails. And if you're not allowed to delete any of them, such a large number messages –- even if they're just stubs –- can quickly become unmanageable. And, of course, since a stub file has little information in it -- sometimes only a message header –- trying to find an old message becomes almost impossible.
But stubbing or email archiving means that you now have extra storage locations that need securing and protecting. Also, electronic documents must be stored in a format that does not change the information. Encryption is allowed and obviously recommended, but any stubbing must not remove or lose information about points of origin, destinations, dates and times. The 2002 Sarbanes-Oxley Act, for example, stipulates that companies must save all documentation used to create financial reports and audits. The document-retention period is seven years, and recovery time is limited to a few days following a federal request. The SEC has expanded Rule 17a to now require that exchange member and brokerage house record keeping include all forms of internal and external electronic communication, such as emails.
Because of the legal importance of such emails, Write-Once-Read-Many (WORM) magnetic disk storage should be used with any email archiving system. WORM also has the added advantage of faster response times than tape or optical disk. Storage risk assessment is vital to the security and protection of such valuable company information. A secondary, geographically separated data center should be considered. Smaller email systems may well benefit from taking a stubbing approach, although medium-sized and large enterprise systems will probably do better with a pure archiving implementation.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.