How to apply a retention policy to a mailbox Exchange Online.

Written by Saajid Gangat in Exchange,Exchange Guides,Microsoft Last Updated July 25, 2023

Every company organization, large or small, must deal with ever-increasing amounts of data daily. Data gets harder to manage as it grows in bulk. For the following reasons, a company’s ability to handle such a massive volume of data is critical. Exchange Retention is the ability to retain and delete information in exchange online. Having this in place allows companies more flexibility in how the data is managed and allows them to stay more organized by allowing simple management of data.

Step by Step process, How to apply a retention policy?

  • First login to Office 365 and login to the admin portal using the launcher,
  • Next under Admin Center click on “Exchange” which will bring you to the Exchange admin center.
  • Under roles click on Admin Roles.
  • After that click on “Compliance Management”.
  • Then click on “Permissions”.
  • Scroll down and click on “Retention Management”.
  • Once you’re in the retention panel click on the “+” symbol.
  • Provide a name to the policy and click + the option to add the desired tags.
  • Here you can also select more than one retention tag using the add button, and then click OK.
  • Click the Save button.
  • A new retention policy is created.

The data is unaffected by the retention policies. In fact, once data is placed in a retention policy, it remains there. The user will be able to work with the data with ease, and no obvious modifications to the data or its characteristics will occur. When a user deletes data, whether intentionally or unintentionally, a copy of the data is immediately saved.

A copy of the deleted data is saved in the Protection Hold library for sites, and a copy of the deleted data is saved in the Recoverable Items folder for messages and public folders. Both locations are entirely safe, and the majority of users are absolutely unaware of their existence.

The retention policy works for a set amount of time and then deletes all copies of the data. The deleted data will not be recovered if you use Office 365 services and your retention policy has expired. There is a manual approach for transferring emails from Office 365 to Outlook, but you may utilize a professional backup that can save data to a secure location to boost data protection and make it stay forever.

The 2 ways you can apply Exchange Retention: 

There are 2 ways you can apply retention to an Exchange account for management, both of these methods can work together, and you don’t have to choose one or the other.

  • MMR or Messaging Retention Management.
    • which allows you to store, archive, and remove data in exchange mailboxes. This method works for versions 2010, 2013, 2016, and 2019 of Exchange Online and Exchange on-premises.
  • Office 365 Retention Labels and Retention Policies.
    • The security and compliance center has a lot of capability. This technique manages retention, deletion, disposition reviews, event-based retention, and more using a single label. This is applicable to Exchange Online as well as other Office 365 services.

Alternative outputs:

  • If you wish to use the expanded archive feature in your organization, you’ll need to use MRM to automatically moving messages from email inboxes, set items, folders, and other places to the expanding archive. In-Office 365, that feature isn’t available.
  • You should look at Office 365 policies if you want to develop a single retention policy that works across all of the key Office 365 workloads. Office 365 retention is also useful if you want to have several policies for a single Exchange mailbox.
  • Next, Office 365 retention is your only choice for retaining data in inactive mailboxes. If you employ MRM retention, you’ll need to put them on legal hold in the active mailbox to avoid accidentally deleting data.
  • Finally, MRM and Office 365 both have capabilities for managing retention for mail, calendar, public folders, conversation history, and other items.

Using delegated administration, you can apply this policy to all users. This script does not currently support two-factor authentication for delegated administrator accounts. Before attempting to apply retention on anything other than Exchange, this will normally verify whether a customer has a SharePoint URL.

In-depth Step by step process:

  • Firstly, log in to Office 365, associated with the Exchange account you wish to apply retention too.
  • Next click on Show all to access the admin center section where all the admin dashboards for Office Suite software are located. Sometimes the Admin Center content may be pinned to the main menu panel in this case if you find “Exchange” click on it, If not click on Show all and then click on Exchange under Admin center.
  • You will now enter the admin dashboard where you can access admin-related settings made for Exchange. The admin panel will be users who need more authority over the network and therefore will be able to control more of what happens in the network associated with a business. In the admin menu panel under “roles” click on Admin Roles.
  • Once you’re in the Admin Role section you now need to click on Compliance Management “This role group will allow a specified user, responsible for the compliance, to properly configure and manage compliance settings within Exchange in accordance with their policy.”
  • Next click on “Permissions” this is where all the authorized content for management is located you will find the tab for retention here. You may need to scroll to find the tab however since it’s alphabetical you should not have an issue locating the tab.
  • Next, you need to click on “retention tag”  and here you will add your new retention policies to either delete after a given period or archive for any length of time. On the new panel click the “+” symbol which is where you can add and apply new retention policies.
  • Finally, a new dialogue box will open and here you click on the “Plus” symbol where you add the retention policy. In the example below a command set up to retain the content for 5 days then delete it. You can choose what preferences you need for instance archive for as long as necessary or delete after a certain length of time. If the action is set to delete will delete the associated content within the allotted time frame in this case 5 days. You can of course edit and refine the Retention command to suit your preferences whenever up until the time is over.

Saajid Gangat

Saajid Gangat has been a researcher and content writer at Business Tech Planet since 2021. Saajid is a tech-savvy writer with expertise in web and graphic design and has extensive knowledge of Microsoft 365, Adobe, Shopify, WordPress, Wix, Squarespace, and more! You can connect with Saajid on Linkedin.

Recent Posts