Wednesday, February 25, 2015

Did You Know: New O365 Deleted Item Retention Changes #MSExchange #Office365 #IAMMEC

On February 20th the Office 365 team introduced a change to the email retention period for deleted items in Exchange Online. Now, the retention period for the Deleted Items folder has been extended indefinitely. This means simply that any emails that you delete in your Office 365 mailbox will not disappear after 30 days if your mailbox is configured to use the default retention policy.

What does this change mean?

By default, Exchange Online comes with a retention policy called “Default MRM Policy.” This retention policy is applied to all new Exchange Online mailboxes. Part of this default policy is the Deleted Items retention tag which is configured to delete any items in the Deleted folder that is older than 30 days.

Fair enough!

If a company has compliance rules or other business requirements that dictate a change in how long deleted items are kept, the administrator can quite easily change the retention period for the Deleted Items retention tag. Many have done this in the past, for instance, to extend the number of days deleted items are kept (i.e. 90 days). If you already have a custom retention policy that is being applied to mailboxes then this change will not affect you.

Either way, with this new change any Exchange Online mailboxes that are using the Default MRM Policy will not have messages in their Deleted Items folder removed after 30 days. This change from the Office 365 team will essentially instruct “the system to ignore the 30 day delete tag on the Deleted Items folder if the retention policy’s name is “Default MRM Policy.”

As alluded to earlier, this change does mean that we need to understand the potential ramifications within our own environments. I see several potential issues. First, each organization has their own set of business requirements, compliance and legal rules, and general culture of how email is consumed. Administrators need to make sure that this change remains in line with existing compliance rules and if not, make the appropriate changes. Secondly, the potential impact on the amount of new data that will be downloaded by Outlook clients need to be examined. Outlook 2013 provides an easy mechanism to keep offline storage of mailbox data in check, but legacy versions do not.  

Why was this change made?

On the surface, this announcement may seem like a welcome change. It really is a terrible feeling when you are trying to find an email that was flushed out of the mailbox through a retention policy. Or even worse, receiving a phone call from an end user that is trying to find email in their deleted items folder. We all know the end users that view the Deleted Items folder as storage repository or archive even after being gently nudged not to. Makes me cringe!  

I’m sure the Office 365 support teams come across irate customer on a daily basis that simply do not understand about retention policies and tags. The support teams are put in the position to try and gently explain to end users the proper purpose of the Deleted Items folder much like us Exchange administrators have done the past 18 years or so. That doesn’t always work out so well. =)

One could make the casual assumption from this change that the cost of storage these days is simply much cheaper than the support costs of dealing with irate customers that have lost items from their Deleted Items folder. From a Microsoft perspective, the whole purpose of Office 365 is to help increase the productivity of their customer base. A quick scan on the Office 365 support forums produced numerous posts about how to change the Deleted Item retention for mailboxes. I did observe that more than one of these posts were prefaced with something to the effect of “I’m not an IT guy.” In that context, this latest change in the service certainly makes sense.

The Office 365 post states that:

We’ve all been there, you search for an email or calendar invite in Outlook only to find that it isn’t there anymore. Until now deleted items were moved into the Deleted Items folder, then they would disappear after being in that folder for 30 days. With this update, the length of time items remain in the Deleted Items folder is extended to indefinitely or according to the duration set by your administrator. So that email or calendar invite you were looking for is still there if you search for it later—even if you accidentally deleted it.

It is easy to conclude from this statement that this change was in fact made because the good folks running Office 365 want to make sure that end users can stay productive – and happy!

Wait – I don’t want unlimited storage in my environment?

As an administrator we can change the retention period for Deleted Items to whatever we want. With this change the Office 365 team has provided us a great deal of flexibility in how we want to approach the data retention conversation. We can now limit the age of messages in our Deleted Items from 1 day to infinity. That is certainly flexibility at play.  

If this change does not agree with you, and you have not already created a custom retention policy, and are using the 'Default MRM Policy' then Microsoft recommends simply renaming this default retention policy.

In all my years as a consultant, I have certainly learned the hard way that simplicity is always best!

To start the process of renaming the 'Default MRM Policy' we can drop to a PowerShell windows and connect to our Exchange Online environment and use the following PowerShell command to list all our retention policies:


If we have several retention policies besides the default, and want to check which policy is being applied to a specific user, we can use the following PowerShell command:

Get-Mailbox jharris | fl *ret*

This command will allow us to see all the retention specific options for the specified mailbox.

We can rename the 'Default MRM Policy' by using the Office 365 Admin portal by going to the Exchange admin center, compliance management and then retention policies. From there we can edit the 'Default MRM Policy' and rename to our choosing. This method ensures that all new mailboxes by default will get this retention policy applied.

If we prefer to make this change in PowerShell then we can use the following command:

Set-RetentionPolicy -Identity 'Default MRM Policy' -Name 'Cedar Park Consulting MRM Policy'

We can then verify our change was made correctly by using the following PowerShell command:


Of course we always have the option to throw caution to the wind and remove the retention policy from the mailbox all together by using the following PowerShell command:

Set-Mailbox <identity> -RetentionPolicy $null


This is certainly a great time to be a messaging administrator due to all the options we have at our disposal to present to end users. The latest changes in the Office 365 landscape show that Microsoft is listening to their customers and willing to provide extreme flexibility in order to achieve high customer satisfaction. The official Office 365 roadmap indicates the same. 

I can't help but wonder how large mailboxes within Exchange Online will grow over the next several years with this change and what the mechanics are to reseed these massive databases at a rapid frequency and at the scale Office 365 runs. Hmm, maybe I should just wonder how large my mailbox will grow over the next year.

No comments:

Post a Comment