Code Bible

Retention Policies

4 min read

Retention policies govern the rules on what emails are automatically archived and deleted. They also govern what rules the users have access to for automatic archival and deletion

Prerequisites

You will need access to the company’s Office 365 Tenant with an account that has the requisite permissions to make changes in the Exchange Admin Center and the Compliance Center.

These commands require the ExchangeOnlineManagement module.

Processes

Checking a Policy’s settings

  1. Get the policy name applied to a user

    1. Log in to the Exchange Admin Center
    2. On the left, go to Recipients > Mailboxes
    3. Search for the user you want to check the policy for
    4. Click on them and switch to the mailbox tab
    5. Go down to Mailbox policies > Retention policy
    6. Note the policy name

  2. Check the Policy retention tags

    1. Log into the Compliance Center
    2. On the left, go to Data lifecycle management > Exchange (legacy)
    3. Click on the policy name that you noted previously
    4. Make a note of all the tags listed under the policy

  3. Check the retention tags settings

    1. At the top of the Exchange (legacy) page, switch to the “MRM Retention tags” page

    2. For each tag noted above, check the settings

      • Type: How the rule is applied

        • Personal: Applied by the user to specific folders
        • Default: Applied to all folders in the mailbox, but can be overridden by a Personal or folder name policy
        • “Folder name”: Applied by default to the named folder, but can be overridden by a Personal policy

      • Retention Period: How long before the Retention Action takes effect

      • Retention Action: The action to take with the email

      • Three example rules are below:

        NameTypeRetention PeriodRetention ActionExplanation
        1 Month DeletePersonal30 daysDeleteOn any folder the user enables this policy on, delete any emails over 30 days
        Default 2 year move to archiveDefault730 daysArchiveFor any email over 2 years old, move the email into the online archive, if enabled, unless another policy is applied to that folder
        Junk EmailJunk Email30 daysDeleteDelete any email in the Junk Email folder that is over 30 days old

Creating a new policy

  1. Create any needed Retention tags
    1. Log into the Compliance Center
    2. On the left, go to Data lifecycle management > Exchange (legacy)
    3. Switch to the “MRM Retention tags” page
    4. Click the ”+ New tag” button
      1. Give the tag a good name, add a description, and click Next
        • Example name: Default 1-year move to archive
        • Example description: Move any emails older than a year into the online archive
      2. Select the option that fits your need
        • Example: Automatically to entire mailbox (default)
      3. Set the Retention Period and Action
        • Example Retention Period: When items reach the following age (in days)
          365
        • Example Retention Action: Move item to archive
    5. Repeat for any other needed retention tags
  2. Create a new Retention policy
    1. Switch to the “MRM Retention Policies” page
    2. Click the ”+ New policy” button
      1. Give the tag a good name and click Next
        • Example name: Default 1-year archive
      2. Under Tags click Edit
      3. Click ”+ Add tag”
      4. Check off any tags that should be available or applied then click add
        • Tip: Check off all the Personal tags, so the user has more options
      5. Click Next and Submit
  3. Apply the policy to a user
    1. Log in to the Exchange Admin Center
    2. On the left, go to Recipients > Mailboxes
    3. Search for the user you want to check the policy for
    4. Click on them and switch to the mailbox tab
    5. Go down to “Mailbox policies” and click on “Manage Mailbox Policies”
    6. Under Retention Policy, click the dropdown and switch the policy

Run the Policies

Use this command to force the applied policies to run on a mailbox

Start-ManagedFolderAssistant -Identity "[email protected]" -FullCrawl

Check the Managed Folder Assistant Progress

To check details of MFA processing for a mailbox, use the Export-MailboxDiagnosticsLogs cmdlet.

$Log = Export-MailboxDiagnosticLogs -Identity James.Ryan -ExtendedProperties
$xml = [xml]($Log.MailboxLog)
$xml.Properties.MailboxTable.Property | Where-Object {$_.Name -like "ELC*"}

Source and more details

Troubleshooting

Finding and resolving issues with retention policies not applying

Review Applied Personal Policies

This command will list any folder with a personal policy applied, including the path and the policy applied to the folder. This can be useful to see if a user has overridden a default policy with a personal policy

Get-MailboxFolderStatistics -Identity "[email protected]" | where {$_.ArchivePolicy -ne $null} | fl FolderPath,ArchivePolicy

Check for Holds

A retention hold can override the archiving settings, preventing them from being applied.

Get-Mailbox -Identity "[email protected]" | Select-Object *RetentionHold*

Graph View