Exchange Server

Adjusting Exchange Online Deleted Item Retention

Have you been getting frantic calls and emails from your Exchange Online users who are trying to get an email that they accidentally deleted a few weeks ago, but they can’t find it anywhere? They’re probably running up against the default limit that Exchange Online uses for deleted item recovery.

By default, items that have been deleted in Exchange Online are available to be recovered for a period of 14 days. If you have users looking to recover items that have been deleted more than two weeks ago, then you’ll need to adjust some deleted item retention settings.

Adjusting Exchange Online deleted item retention
Need to extend the period that users can recover emails that have been deleted in Exchange Online? J. Peter Bruzzese shows you how. (Image: Dreamstime)

How to adjust Exchange Online deleted item retention rules

If your users need more time to recover those deleted emails, then you can increase this period up to a maximum of 30 days in just a few simple steps using Windows PowerShell. Here are the steps below:

  1. Connect to Exchange Online using PowerShell. If you need to review how to do this, check out my article that walks you through how to connect to Exchange Online using PowerShell.
  2. Enter and run this PowerShell command:
    ​ Get-Mailbox | Set-Mailbox -SingleItemRecoveryEnabled $True -RetainDeletedItemsFor 30

    Note: you can adjust this command to be directed at specific mailboxes or you can keep it open for all mailboxes.

  3. As always, make sure to disconnect your session when you are done using one of the following commands:
    ​ Remove-PSSession

Taking a step back for a moment, let’s consider the misconception folks have with regard to Office 365 and Exchange Online. Microsoft offers 99.9% availability, but that focus is on the availability of existing data. There is no backup and recovery solution that allows you to reach back in time for data.

Sponsored Content

Passwords Haven’t Disappeared Yet

123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?

With an archive solution you would not be able to recover something deleted beyond the deleted item retention time. And as you’ve just learned, that time period is limited to 30 days at most. As a result, that puts you in an awkward position to provide message retrieval for those (hopefully few) moments when you need to.

Exchange Online deleted message retrieval options

What are some additional options when it comes to providing message retrieval for Exchange Online users? You have two options in this regard.

1. Put mailboxes on legal hold

The first is to place mailboxes on legal hold — also known as a litigation hold — which will retain all mailbox contents for the duration of the hold.  To be prepared continually you would need to initiate legal hold at the outset of using Exchange Online so that mailboxes are on hold and data is preserved.

This does not mean, by initiating legal hold, that end users will now be able to retrieve their own message in much the same way they can retrieve deleted items still held under the retention time. Rather, it will require an administrator to recover the items through a discovery search. It’s not an elegant solution and may require additional fees to purchase the archive piece of Office 365.

2. Use a third-party email message archiving service

The second option is to utilize a third-party, cloud-based archive solution so that messages are retained in this way. End users might be given the ability to retrieve their own archived messages in this case but they would not be capable of deleting them.

Ultimately there are options. Unfortunately, at this time, increasing deleted item retention time is a limited solution at best, with legal hold being a poor secondary option.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Don't leave your business open to attack! Come learn how to protect your AD in this FREE masterclass!REGISTER NOW - Thursday, December 2, 2021 @ 1 pm ET

Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure—but its inherent complexity leaves it prone to misconfigurations that can allow attackers to slip into your network and wreak havoc. 

Join this session with Microsoft MVP and MCT Sander Berkouwer, who will explore:

  • Whether you should upgrade your domain controllers to Windows Server
    2019 and beyond
  • Achieving mission impossible: updating DCs within 48 hours
  • How to disable legacy protocols and outdated compatibility options in
    Active Directory

Sponsored by: