Check Mailbox Retention Policy in M365

Native Solution

Microsoft 365 Permission Required

High

Least Privilege

Reports Reader

Most Privilege

Global Admin

Option 1 Using Exchange Admin Center

Log in to the Exchange admin center.
Navigate to Recipients»Mailboxes»respective mailbox»Mailbox»Retention policy.
Here, you can check the retention policy applied to a specific Exchange Online mailbox.

Note: To review retention policies and settings for all mailboxes at once, consider using the Exchange Online Management Shell for a more comprehensive overview.

Option 2 Using Windows PowerShell

To check the mailbox retention policy for all mailboxes using PowerShell in Microsoft 365, first connect to the Exchange Online module.
Windows PowerShell
```
 Connect-ExchangeOnline
```
Then, execute the cmdlet below to list all user’s mailbox retention policies and the corresponding retention settings.

Windows PowerShell

 Get-Mailbox -ResultSize Unlimited | Select-Object DisplayName, UserPrincipalName, RetentionPolicy, RetainDeletedItemsFor, RetainDeletedItemsUntilBackup, UseDatabaseRetentionDefaults | Export-Csv -Path "<CSV File Path>" -NoTypeInformation

Running the above cmdlet will retrieve all mailboxes with their retention policies and its related settings. This includes the deleted item retention period, backup retention status, and the default database retention status.
Note: Make sure to replace <CSV File Path> with the path where the output CSV file should be stored. For eg: D:/EXO/Retention.csv.

AdminDroid Solution

More than 150 reports are under the free edition.

AdminDroid Permission Required

Delegated

Any user with report access assigned by Super Admin.

StepsUsing AdminDroid

Sign in to the AdminDroid Office 365 reporter.
Navigate to the Mailbox Retention Settings report under Reports»Exchange»Mailbox Settings»Retention Settings.

This report helps to get the retention policy applied to mailboxes, including key information such as the deleted item retention duration, default database-level retention status, and more.

Utilize the built-in chart to easily visualize the mailboxes assigned with retention policies in your organization. You can click on the respective insights to get a report filtered for a specific retention policy.

Explore a full range of reporting options

In-Depth Review of Exchange Online Mailbox Retention Settings!

Transform your mailbox management like never before with Exchange Online mailbox settings reports! Gain real-time insights into retention, mail tips, quarantined mailboxes, etc., to optimize your Microsoft 365 administrative strategy.

Witness the report in action using the

Live Demo

Important Tips

Assign a license with Exchange Online Plan 2 or the Archiving add-on to shared mailboxes to enable Microsoft 365 archiving and manage emails efficiently.

Avoid creating personal retention tags unless absolutely necessary, since Outlook allows users to apply these tags independently of other policy assignments.

Apply eDiscovery holds to mailboxes to ensure they take precedence over the retention policy, preventing important emails from being permanently deleted.

Exchange Online Effortlessly Manage Retention Policies and Settings in Exchange Online

Showing 1 of 5

How to create new retention tags for archive and deletion policies? How to create a custom retention policy for Microsoft 365 mailboxes? How to apply retention policies to Exchange Online mailboxes? Why is the retention policy not working as expected in a mailbox? How long is the retention period for deleted emails in Exchange Online?

How to create new retention tags for archive and deletion policies?

Retention tags are the primary components for applying retention or archive settings to the folders in M365 mailboxes. These tags determine how long emails are retained in the folders.

How to create custom retention tags for Exchange Online?

Sign in to the Microsoft Purview portal and navigate to Solutions»Data lifecycle management»Exchange (legacy)»MRM Retention tags»New tag.
Provide a name for your retention tag and add an optional description. Then, define how the tag will be applied to email items by selecting the required options below.
- Automatically to entire mailbox (default): This applies the archive or retention setting to the entire mailbox.
- Automatically to default folder: This applies the archive or retention setting to a selected default mailbox folder.
- By users to items and folders (personal): This lets users apply retention settings to custom folders and individual items. Users can also apply personal tags to emails or folders, even if those tags aren't included in their assigned retention policy.
Next, define the retention settings by specifying the retention period.
- When item reaches the following age (in days): Choose this option and enter the number of days after which the deletion or archiving must occur.
- Never: Choosing this option disables the retention action. This is mainly for personal tags, allowing users to apply archiving or retention immediately.
Then, choose the appropriate retention action for archiving or deletion.
- Delete and allow recovery: Allows recovery of deleted items from the Recoverable Items folder for a specific period (usually 14 days).
- Permanently delete: Moves items to the mailbox's Purges folder for final deletion. If single item recovery is disabled in the mailbox, items will be permanently deleted immediately.
- Move item to archive: Transfers items to the user’s archive mailbox (no action occurs if the user does not have an archive mailbox).
Finally, review the configurations of the tag and click Submit.

Repeat the above steps to create additional retention tags based on your requirements.

How to create a custom retention policy for Microsoft 365 mailboxes?

Whenever you assign an Exchange Online license to a user, a mailbox is created with a default MRM retention policy. This policy is set to move items to the archive mailbox after two years. It also includes various personal tags, allowing users to apply them easily to folders or mailbox items to automate moving or deleting messages.

You can also create a custom retention policy to modify the Default MRM policy in Microsoft 365 mailboxes. To create a new retention policy for Exchange mailboxes, follow the steps described here.

Create a new retention policy for Exchange Online mailboxes

Go to Solutions»Data lifecycle management»Exchange(legacy)»MRM Retention policies»New policy in the Purview portal.
Enter the name of the policy and click Add tag to include the desired retention tags you’ve created.
Finally, review the policy and click Submit.

Eliminate the hassle of manual checks and get real-time MRM retention policy updates effortlessly with AdminDroid!

Filter the All Activities report by the ‘New-RetentionPolicy’ and ‘New-RetentionPolicyTag’ operations to see who created retention policies and retention tags.
Moreover, you can filter the report based on the ‘set’, ‘get’, or ‘remove’ operations on the retention tags and policies to get all the actions.

Smart Insight: Use the Alert (🔔) option in the report to receive instant notifications whenever there are changes to retention policies.

How to apply retention policies to Exchange Online mailboxes?

After creating a custom retention policy with retention tags, you can set up an archive and deletion policy for mailboxes. If the policy includes tags to move emails into an archive, enabling the archive mailbox in advance is recommended. Follow these steps to enable archive mailboxes and set retention policy to Microsoft 365 mailboxes.

1. Enable archive for a mailbox in Exchange Online

In the Exchange admin center, head to Recipients»Mailboxes» respective mailbox»Others.
Select the Manage mailbox archive option and enable the Mailbox archive status toggle.
Enter a name for the archive mailbox and click Save. If no name is provided, it will be set to 'In-Place Archive - <UserDisplayName>'.

You can also use PowerShell to enable archive for a mailbox with the following cmdlet.

Enable-Mailbox -Identity "<Mailbox UPN>" -Archive

2. Apply a retention policy to mailboxes in Exchange Online

Navigate to Recipients»Mailboxes» respective mailbox»Mailbox» Manage mailbox policies in the Exchange admin center.
Choose the retention policy you’ve created from the Retention Policy drop-down and click Save.

To apply a retention policy to multiple or all mailboxes, select them, choose the Mailbox Policies option from the top, and pick the desired policy. Also, if you want to apply the new retention policy instead of the default one for future mailboxes, use the following command:

$DefaultPlan = Get-MailboxPlan | Where-Object { $_.IsDefault -eq $true }
Set-MailboxPlan -Identity $DefaultPlan.DisplayName -RetentionPolicy "<New Retention Policy>"

Why is the retention policy not working as expected in a mailbox?

Retention policies in Exchange Online might not work as expected due to several reasons. Here are some common issues and solutions:

Verify and Check Retention Policy Settings First, confirm that the appropriate policy is assigned to the intended mailboxes. Ensure retention tags in the applied policy are correctly configured for deletion or archiving to prevent unexpected behavior. Regularly audit retention policies to track changes and correct them if there are any discrepancies.
Check if Retention Hold is Enabled Ensuring the mailbox is not under retention hold can help address why the retention policy is not working as expected. This is because mailboxes with retention hold won’t process any retention actions, as the hold suspends retention policies.
Trigger the Mailbox Folder Assistant (MFA) By default, a new retention policy can take up to 7 days for the retention settings to be applied to the mailbox. This is because the Managed Folder Assistant (MFA) processes MRM (Messaging Records Management) once every 7 days. To apply the new retention settings immediately, run the ‘Start-ManagedFolderAssistant’ cmdlet to start the Managed Folder Assistant for all mailboxes.
```
(Get-Mailbox -ResultSize Unlimited).UserPrincipalName | Start-ManagedFolderAssistant
```
Check Whether ELC Processing is Disabled Ensure that email lifecycle (ELC) processing is not disabled for the mailbox, as it controls the Managed Folder Assistant (MFA). If the ELC processing is disabled for a Microsoft 365 mailbox, the MFA can't process the mailbox. Also, note that this setting will be ignored if the mailbox has a retention policy with Preservation Lock enabled.
```
Get-Mailbox -Identity "<Mailbox UPN>" | Format-List ELCProcessingDisabled
```
Check for Default Archive and Retention Tags Ensure that no archive or retention tags with actions like "never move to archive" or "never delete" have been applied to folders or the entire mailbox. This check helps to resolve conflicts and prevent unintended behaviour in data retention and archiving processes.

By addressing these factors, you can effortlessly resolve retention policy issues and ensure compliance with mailbox management requirements.

How long is the retention period for deleted emails in Exchange Online?

To understand the retention lifecycle of a deleted email in Exchange Online, we need to look at what happens when an email is deleted. Emails can be manually deleted or removed by a retention policy. They first enter a soft-deleted state, allowing users to recover them, and later transition to hard deletion. In some cases, emails may be directly hard deleted based on the user action or policy.

How long are soft-deleted emails retained in Exchange Online?

By default, in Exchange Online, soft-deleted emails are stored in the Deletions folder (Recoverable Items in the UI) within the Recoverable Items folder.
Users can recover these emails for up to 14 days by default. However, admins can change how long soft-deleted items are kept for an Exchange Online mailbox to up to 30 days.
To set the deleted item retention in an Exchange Online mailbox, run the following command, replacing <Days> with the desired value.

Set-Mailbox -Identity "<Mailbox UPN>" -RetainDeletedItemsFor "<Days>"

Is it possible to recover hard-deleted emails from Outlook?

After the soft-deletion stage (deleted from the Deletions folder), emails are hard-deleted and moved to the Purges folder.
Admins can recover permanently deleted emails unless they are erased due to the Recoverable Items storage limit. Additionally, the admin must be a part of an Exchange role group with Mailbox Import Export permission to recover hard-deleted emails.

AdminDroid Exchange Online ReporterKeep track of Exchange Online retention settings with AdminDroid’s comprehensive features!

The AdminDroid’s Exchange Online reporting tool provides a crystal-clear metrics on every detail of mailbox settings. These extensive reports effectively assist with administrative tasks, such as managing Exchange Online MRM retention policies and settings to ensure proper email retention.

A Quick Summary

Identify Holds on Mailboxes with Retention Policies

For all mailboxes with retention policies, always identify the types of mailbox holds applied, since they can override the retention settings and impact data lifecycle management.

Remove Retention Holds on Shared Mailboxes

Identify shared mailboxes with retention holds and remove unnecessary ones to avoid interference with retention policies. This helps optimize storage and ensures seamless mail deletion in high-traffic mailboxes.

Regular Automated Insights for Retention Reports

Use the AdminDroid's scheduling option in the Mailbox Retention Settings report to receive automated insights at regular intervals to promptly address retention policy changes on mailboxes.

Easily Find and Enable Archive Mailbox for M365 Users

To quickly apply the MRM policy that archives emails, identify non-archived mailboxes in Microsoft 365 and enable archive for the necessary mailboxes as needed.

Review Inbox Rules to Ensure Proper Email Retention

Frequently review the inbox rules in Exchange Online that redirects the emails to a specific folder where the retention policy is applied to delete the emails after a specific period.

Monitor Email Forwarding for Retention Policy Compliance

Regularly review mail forwarding in Outlook to prevent users from forwarding messages that must be deleted under retention policies, ensuring compliance with organizational regulations.

Overall, the Exchange Online management tool from AdminDroid is a one-stop solution for email management and administration in Microsoft 365. Apart from checking retention policy for Microsoft 365 mailboxes, the tool simplifies overall Exchange Online management with vivid charts and extensive stats.

Kickstart Your Journey with AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities!

Download

Common Errors and Thier Troubleshooting Hints for Exchange Online Retention Policy Management

Here are the common errors encountered during retention policy management in Exchange Online and their corresponding resolutions.

Error: Get-Mailbox : The term 'Get-Mailbox' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

This error occurs in PowerShell when the ‘Get-Mailbox’ cmdlet is executed without connecting to the Exchange Online module.

Troubleshooting hint :Before using the ‘Get-Mailbox’ cmdlet, ensure you have installed and connected to the Exchange Online PowerShell module using the following commands.

Install-Module -Name ExchangeOnlineManagement
Connect-ExchangeOnline

Error: Ex735436|Microsoft.Exchange.Management.Tasks.RecipientTaskException|Recipient XYZ already has an archive. This task doesn't support multiple archives per recipient.

This error occurs in Exchange Online PowerShell when you attempt to enable an archive mailbox for a user who already has an archive mailbox. Exchange Online supports only one archive mailbox per user.

Troubleshooting hint :Verify whether the user already has an archive mailbox by running the following command. If the output shows Active, the user already has an archive mailbox, and no further action is needed.

Get-Mailbox -Identity "<Mailbox UPN>" | Select-Object ArchiveStatus

Error: The operation on mailbox "X" failed because it's out of the current user's write scope. The value of properties 'RetainDeletedItemsFor' exceeds the maximum allowed for user 'X' with license 'Y'.

This error occurs when the specified 'RetainDeletedItemsFor' value exceeds the maximum permissible days (30).

Troubleshooting hint :Ensure that the entered 'RetainDeletedItemsFor' value does not exceed 30 days.

Set-Mailbox –Identity "<Mailbox UPN>" -RetainDeletedItemsFor 30

Error: Microsoft.Exchange.Data.StoreObjects.ObjectNotFoundException|Logs for component 'MRM' weren't found in mailbox Identity:'X'.

The error occurs because the MRM logs are missing, due to the mailbox not having retention policies or archiving actions applied.

Troubleshooting hint :Ensure retention policies are applied, then manually trigger MFA (Managed Folder Assistant) using the ‘Start-ManagedFolderAssistant’ cmdlet.

Start-ManagedFolderAssistant -Identity "<Mailbox UPN>"

Delivering Reports on Time

Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid’s Scheduling to your email anytime you need.

Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add intelligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.

Set It, Schedule It, See Results - Your Reports, Your Way, On Your Time!

Time Saving Automation Customization Intelligent Filtering

Give Just the Right Access to the Right People

Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.

Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.

Give Just the Right Access to the Right People

Align, Define, Simplify: AdminDroid's Granular Delegation

Smart Organizational Control Effortless M365 Management Simplified Access

Advanced Alerts at a Glance

Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.

Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.

AdminDroid Keeps You Always Vigilant, Never Vulnerable!

Proactive Protection Real-time Monitoring Security Intelligence Threat Detection

Merge the Required Data to One Place

Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.

This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.

Merge with Ease and Save as Views!

Custom Reporting Unique View Desired Columns Easy Data Interpretation

Insightful Charts and Exclusive Dashboards

Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.

With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.

Insightful Charts and Exclusive Dashboards

Explore Your Microsoft 365 Tenant in a Whole New Way!

Executive overviews Interactive insights Decision-making Data Visualization

Efficient Report Exporting for Microsoft 365

Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.

Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.

Efficient Report Exporting for Microsoft 365

Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!

Easy Export Seamless Downloading Data Control Manage Microsoft 365

How to Get Mailboxes with Retention Policy in Exchange Online