Curious about Exchange 2010 Retention Policies?

  • 發行項

Defining and enforcing records management policies for e-mail can be a real pain in the <you know what> without having some kind of automated approach.

Don't just take my word for it, industry watcher Michael Osterman (of the eponymously named firm Osterman Research) pointed this out in his May 2009 “Messaging Archiving and Document Management Markets Trends, 2009-20112” report:

Many organizations have yet to define an email retention policy. More than one‐quarter of organizations have not yet established any sort of email retention policy despite the fact that there are a growing body of statutory requirements and legal obligations to preserve business records, including those stored in email. Among the nearly three‐quarters of organizations that have established an email retention policy, only two‐thirds of these organizations indicate that their users are fully aware of the policy.”

Even David Ferris (of a similarly eponymously named firm Ferris Research) recently posted a blog...er…posting about highlighting that:

“Most organizations are unclear about the retention policies they should adopt. That slows the deployment of archiving technology.”

Clearly, having a familiar approach, that integrates with our user’s daily workflow for managing their inboxes, is an important step in the right direction for getting this one right. You know, something that appears right in Outlook and Outlook Web App.

With Exchange 2010, you get this with our new Retention Policies capabilities (a part of the new integrated e-mail archiving, retention, and discovery I’ve been discussing for a while now).  Gone are those “Managed Folders” we intro’ed in Exchange 2007 (although if you really want them, the feature is still there).  Instead, Retention Policies provide a way more flexible way for you (and if you so choose, your users) to tag folders and/or individual mailbox items (e.g., e-mail messages, notes, contacts, et al) with settings for:

    • how long the message (or item) should be retained, and
    • what action to take when this item reaches the end of the retention period (e.g., moved to the archive, deleted, etc.)

Oh, it’s worth noting that an Exchange 2010 Retention Policy is a collection of Retention Tags that are applied to mailboxes. Each mailbox can have a maximum of one Retention Policy associated with it at a time.

And, the Exchange admins have three types of Retention Tags they can implement with :

    • Retention Policy Tag (or RPT) – for setting retention policies on default folders (e.g., Inbox, Junk Mail, Sent Items, etc.).  All messages and items in this default folders will inherit the folder’s RPT. Users cannot change the RPT, but instead can apply a different “Personal Tag” (see below) to items that live inside the default folder. So, if you have a RPT set on the Inbox folder of “Delete in 60 days”, any message in the user’s Inbox will automatically be tagged with this policy (i.e., “Delete in 60 days”).  Each supported default folder can have up to one RPT linked to it in a single Retention Policy.

      OL2010 Inbox Folder Retention Policy

    • Default Policy Tag (or DPT) – for applying retention settings to “untagged items”.  Basically, if there are messages that have not already inherited a Retention Tag from the folder it’s located in or the user hasn’t explicitly tagged it with a “Personal Tag” (see below), this is your policy.  It’s hugely recommended you only have one of these in a Retention Policy.

      OWA Archive Policy Right-Click Menu (Hi-Res)

    • Personal Tags (or Personal Tags) – here’s where you can created additional tags that your users can apply to their own customer folders (as well as individual items).  They can do this in either Outlook 2010 or Outlook Web App. In our demo environment, we have created such tags, like “Acquisitions, keep for 5 years”

OL2010 Retention Policy Right-Click Menu (Hi-Res)

“What happens if a user moves a messages from a default folder (or really any folder location) to another folder?”

Well, the item effectively inherits the tag applied to the folder it is moved to.  And if the item has had tag already assigned to it (e.g., you tag a message in the Inbox with a Personal Tag with the action “Move to Archive in 1 year”), the explicitly assigned tag takes precedence over the folder’s assigned tag.  Referring again to our example, if this message tagged by the user with “Move to Archive in 1 year” is “dragged and dropped” into a folder with a policy of “Move to Archive in 30 days”, the item (and only that item) retains the “Move to the Archive in 1 year” tag. 

“When and how do all of these policies and actions get processed?” 

The Managed Folder Assistant (yes, even though it’s not really the same Managed Folders from Exchange 2007) runs daily (by default between 1am and 4am) to process all of the messages.  It either tags items with the right Retention Tag or it executes the item’s retention action for those that have passed their retention age.

“What if I need to prevent these actions because the user is now involved in a legal issue that requires the company to retain all of their e-mail, etc.?”

Here, you can place the user’s mailbox on Retention Hold and suspend the processing of the Retention Policies for their mailbox.  This, of course, doesn’t prevent the user from manually changing or deleting items. If you need to preserve the user’s mailbox content, here’s where the new Exchange 2010 Legal Hold feature would be the right fit.

When toggled on for a user’s mailbox, Legal Hold captures any deleted or edited items into a special folder that’s neither accessible nor changeable by the user (basically a “dumpster for the dumpster”).

EMS Setting Legal Hold

These items show back up (whether in the user’s primary mailbox or personal archive) during multi-mailbox searches, in a special “Recoverable Items” folder in the search results.

Well, this is a lot to chew on, and I totally recommend you play around with these settings using the one of the many “Try It” options up on http://www.microsoft.com/exchange/2010/en/us/try-it.aspx.

-- hama

Comments

  • Anonymous
    July 16, 2012
    Is there any option to find the retention policy assigned on a mailbox individual folder using shell command?

  • Anonymous
    April 01, 2014
    I have the same question as Rajkumar from 2012.... I recently had one user discover that items in his Exchange 2010 Archive mailbox were being deleted. I checked and some of the folders were set to inherit the parent folder's retention policy, but they were still stamped with the wrong policy. So they had 90-day retention instead of "Never Delete (Never)". Now that other users found out about this, they want me to verify that all of their thousands of folders are all set to "Never Delete (Never)". I do not see any reasonable way to accomplish this.
    At least with NTFS, I have the option to force the permissions that I apply on all child objects.
    We should have a similar capability for retention policy....to be able to apply it and force it onto all child objects.

  • Anonymous
    November 19, 2014
    How can I find when the policy is last run

  • Anonymous
    April 24, 2015
    Rajkumar, here is a simple command you can run from your Exchange 2010 Management Shell that will return the Retention Policy assigned to a specific mailbox:
    Get-Mailbox -Identity | select RetentionPolicy

    Or to get the retention policies for all mailboxes you can use:
    Get-Mailbox | select UserPrincipalName, RetentionPolicy

    Or to get all users with some filtering you can try one of these:
    (First one returns all mailboxes that do NOT match the specific Policy, Second one returns all mailboxes that match the specific policy)
    Get-Mailbox | Where-Object {$.RetentionPolicy -ne 'Your Policy Name'} | select UserPrincipalName, RetentionPolicy
    Get-Mailbox | Where-Object {$    .RetentionPolicy -eq 'Your Policy Name'} | select UserPrincipalName, RetentionPolicy

    Hope this helps. And, sorry but can't think of an easy way to pull last run info.

  • Anonymous
    April 24, 2015
    By the way, just thought I'd add that you have to include the actual mailbox name or alias in the first command I offered:
    Get-Mailbox -Identity | select RetentionPolicy

  • Anonymous
    January 22, 2016
    I've searched for similar information, as others requested here. I needed to find out what items had already had Personal Tags applied, (and which ones) in all folders, in all mailboxes, on an Exchange server. I had to write a (very, very complicated) script, in order to find what tags had already been applied to individual items.

    The lack of a way to easily see what tags have been applied, to folders, or individual items, as an administrator, is a huge flaw, in this feature. Microsoft turning on the default set of Personal Tags, for end users, by default, added insult to injury.