1

Looking for a way to delete all messages from particular senders out of every affected user's mailbox, typically 100-200/10,000. When I approached our Exchange admins about this idea I was met with resistance, told it was slow (takes 4-5 hours to delete them all) and that it had the potential to corrupt the entire Exchange database.

user228684
  • 11
  • 3
  • 2
    If deleting messages can corrupt the exchange db, then there's something terribly wrong with your architecture. That said, I don't feel like deleting messages from users' boxes is a good way to do this. Spam should be filtered on the way in. Once in a user's box, it's "theirs" so to speak, and short of expiry rules, messages should not be programmatically removed from the mailboxes. – EEAA Jul 01 '14 at 00:36
  • Unfortunately this is the world I live in. We use Iron Port to filter our spam and still have a significant amount coming through, the Exchange admins claim nothing else can be tweaked on the appliance to filter out more e-mail without causing false positives to skyrocket. It's these reasons I had to start thinking outside of the box, I've exhausted the typical options. – user228684 Jul 01 '14 at 00:58
  • 1
    Why are they not using the Anti-spam agents in Exchange in concert with Iron Port? - http://technet.microsoft.com/en-us/library/bb201691.aspx – joeqwerty Jul 01 '14 at 03:57

2 Answers

1

Report messages that will be deleted using something like this. It will create a report in the target folder. If you remove -LogOnly it will copy the messages to the folder. This REALLY helps with verification:

Search-Mailbox -identity user@domain.net -SearchQuery "Sender@domain.com" -TargetMailbox admin@domain.net -TargetFolder searches -Logonly

Then once you are sure you can run:

Search-Mailbox -identity user@domain.net -SearchQuery "Sender@domain.com" -TargetMailbox admin@domain.net -TargetFolder searches -DeleteContent

I am going to assume that you know enough about PowerShell to be able to run this against a list of accounts. If you do not then do not even run these commands! They are dangerous!

Unconn
  • 111
  • 3
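
The report-then-delete procedure from the answer above, run against a list of mailboxes, as an added example that is not part of the original answer. It assumes a hypothetical file `affected.txt` with one mailbox address per line, narrows the query to the From field with `from:` (an addition to the answer's query), and uses a constructed per-mailbox threshold as a sanity check:

```powershell
# Added example. Run in the Exchange Management Shell with the Mailbox Search
# and Mailbox Import Export roles (the latter is required for -DeleteContent).
# affected.txt is a hypothetical input file: one affected mailbox per line.
$sender    = 'Sender@domain.com'        # placeholder address from the answer
$query     = "from:`"$sender`""         # match the From field only, not any mention
$mailboxes = Get-Content -Path .\affected.txt | Where-Object { $_.Trim() }

# Pass 1: estimate only. Nothing is copied or deleted.
$estimate = foreach ($mbx in $mailboxes) {
    Search-Mailbox -Identity $mbx -SearchQuery $query -EstimateResultOnly |
        Select-Object @{ n = 'Mailbox'; e = { $mbx } }, ResultItemsCount, ResultItemsSize
}
$estimate | Sort-Object ResultItemsCount -Descending | Format-Table -AutoSize

# Guard: an unexpectedly high count usually means the query is too broad.
$maxPerMailbox = 50                     # constructed threshold, tune per incident
$suspect = $estimate | Where-Object { $_.ResultItemsCount -gt $maxPerMailbox }
if ($suspect) {
    Write-Warning "More than $maxPerMailbox matches in some mailboxes; review the query before deleting."
    $suspect | Format-Table -AutoSize
    return
}

# Pass 2: copy matches to the review mailbox, then delete them from the source.
# -DeleteContent prompts for confirmation per mailbox unless -Force is added.
foreach ($row in $estimate | Where-Object { $_.ResultItemsCount -gt 0 }) {
    Search-Mailbox -Identity $row.Mailbox -SearchQuery $query `
        -TargetMailbox admin@domain.net -TargetFolder searches `
        -DeleteContent
}
```

Because the deleting pass keeps `-TargetMailbox`, every removed message is first copied to the `searches` folder, so a false positive can be restored from there.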
-1

I'll echo what's above - if deleting emails would cause the whole thing to break, then it really is built like a house of cards (being a problem in itself).

A workaround that may be of use: Have users filter out emails with the word 'unsubscribe'. Blocks most spam.

  • Cripes, no. That is a *horrible* recommendation. Implementing it will cause the false positive rate to go through the roof. Sure, some spams have this, but so do nearly all legit opt-in mailing lists. – EEAA Jul 01 '14 at 04:46
  • @EEAA Hey, it's just some food for thought. If he's looking for a very (albeit overly) simple approach to solving his problem. Plus, it's in a corporate environment, not really sure how many opt-ins employees should be subscribing to. As always, YMMV – Confused sysadmin Jul 01 '14 at 04:54
  • Still, horrible idea. Enough so that it's down vote-worthy. – EEAA Jul 01 '14 at 04:55
  • @EEAA Hmm, I guess I should just SUSD huh? No wonder SF is such a small community; thanks for your opinions though! – Confused sysadmin Jul 01 '14 at 05:00
  • You have to understand - answers and questions here are not only for the OP. They're for everyone that Google brings here in the future. I can't stand by and let bad advice go unchallenged, or some clueless admin will implement this change in a year or two, not understanding the ramifications of doing so. If you desire to discuss further, open a Q on meta.SF. – EEAA Jul 01 '14 at 05:03
  • No, you have to understand. I stated it was a workaround, and - like ALL answers - there will be some sort of downside. In this case the downside is that you wouldn't be able to get your opt-in ads (which employees should not subscribe to in the first place). I can't open a Q on meta because I'm not registered, and to be quite frank this recent exchange has me questioning whether or not I should register. Again, thank you for your opinions - they are duly noted, but not solicited. – Confused sysadmin Jul 01 '14 at 05:17
  • Ever see the footers of tech discussion mailing lists? Security announce lists? Etc? Not ads. You posted an answer on a public QA site. Doing so is implicitly asking for feedback. Being disagreed with is part and parcel of this sort of thing. One of my answers was down voted and corrected earlier today, and I was glad for the correction. Don't sweat it. Continue asking and answering, we'll all learn through the process. – EEAA Jul 01 '14 at 05:23
  • You can (typically) add exceptions to filters, and how many of those mailing lists are actually needed for workplace functionality. If I was the boss, I'd be pretty P.O.'d that my employees were wasting company resources for discussion/announcement lists. And the feedback is welcomed so long as it is grounded in objectivity, and not 'I don't like his approach' (Unless down-voting for subjectivity is allowed, in which case excuse me). At the end of the day my suggestion will, at a bare minimum, suffice until something else can be implemented. – Confused sysadmin Jul 01 '14 at 05:35