To enhance your ability to comply with regulations
related to messaging retention, protect personal information, and
fulfill legal discovery requests for messaging records, Exchange
supports the following:
Messaging Records Management
Allows your organization to implement message retention policies. Messaging retention policies combine retention tags, retention policies, and autotagging.
Mailbox folders and individual mail items use retention tags to apply
retention settings. Users can use tags to mark folders or items for
retention. A default tag associated with a retention policy applies to
items not tagged manually by a user or to items in folders that do not
have tags applied. Although users can use rules and default tags to
automatically assign tags to incoming e-mail, autotagging allows
Exchange to learn from users' tagging preferences and assign tags to
incoming messages automatically. Users can manually override any
automatically assigned tags.
Discovery Management
Allows a user who is assigned the Discovery
Management role to search mailbox content in selected mailboxes across
an Exchange organization. The scope of the role assignment determines
which mailboxes a user can search. Messages returned by the search are
copied to a folder in the designated Discovery mailbox, which ensures compliance
with legal discovery requirements and also allows authorized personnel
to search message content for purposes such as internal investigations
and messaging-policy compliance.
Transport Protection Rules
Allows you to secure messaging content against unauthorized access and
reviews by protecting e-mail messages and attachments. Transport
Protection Rules apply rights management settings to messages in
transport, determining which recipients can access a message and what
actions recipients can perform. For example, a recipient might be
permitted to view a message and attachments but not be permitted to
print a message and attachments.
Other compliance features include the following:
Archive mailboxes
Journaling
Message classifications
Hold policy
Exchange Server 2010 implements messaging records
management to help retain messaging content that your organization might
need for business or legal reasons and to delete messages that are no longer needed. You specify the retention
period and the types of messaging content that management settings
should apply to. Messaging records management is configured globally for
your Exchange organization and implemented on a per-server basis by
enabling records management enforcement.
1. Understanding Message Retention Policies and Tags
Message retention
policies replace managed folders as the preferred method for
implementing messaging records management. For backward compatibility
with existing records management implementations, you can use managed
folders. A managed folder is simply a Microsoft Office Outlook folder to
which you can apply retention policies. Exchange uses two types of
managed folders: managed default folders and managed custom folders.
Managed default folders include the standard folders available in
Outlook. Managed custom folders are additional folders that you can
create and deploy.
You work with managed
folders in several ways. If you want to control the contents of managed
folders, you can apply managed content settings. For example, you can
apply managed content settings to the Inbox folder, specifying that
Exchange Server should automatically delete or move the folder's
contents to another folder after 90 days. Although managed default
folders appear in Outlook automatically, managed custom folders do not.
To add a managed custom folder to a mailbox, you must create a Managed
Folder Mailbox policy that deploys the folder. You can use a single
Managed Folder Mailbox policy to deploy multiple managed custom folders.
By automating records
management, Exchange Server 2010 helps your organization comply with
legal requirements while minimizing the impact on administrators. The
process relies on users to classify their own messaging content and on
automatic tagging. Users can file items by placing them in the managed
folder that is appropriate for that type of content, or messaging
content can be sorted into the appropriate folder by using rules and
tagging. This ensures that messaging content is classified according to
users' wants and helps eliminate the mishandling of messaging content
that can occur with completely automated messaging management solutions.
Managed folders are similar to
the other folders in users' mailboxes except that users cannot remove,
rename, or delete the folders after Exchange Server has deployed them.
Exchange Server uses the retention policies you define to periodically
process messaging content that users put in managed folders. You can
configure retention policies by content age and by message type, and you
can apply them to any of the folders in users' mailboxes. When messages reach a retention
limit, Exchange Server can retain required messaging content and delete
unneeded messaging content without requiring administrator
intervention.
You can retain any
messaging content that you want to keep by applying managed content
settings that create journal copies of the content in another location.
This can be any location with a Simple Mail Transfer Protocol (SMTP)
e-mail address, including another Exchange mailbox.
You can configure Exchange
Server to delete any messaging content that is no longer needed by
specifying a deletion action. You can delete content permanently or
delete it so that users can still recover it. You can also move content
to a managed folder that is set up for user review prior to deletion,
and you can mark content as expired in a user's mailbox in Outlook. This
ensures that the user is prompted to take any required action.
When you apply managed
content settings, you can also specify that messaging content should be
journaled. A journal is an automatically forwarded copy of an item saved
in an alternate location. Typically, you'll create journal copies of
items in a mailbox specifically set up for this purpose. You can use
journaling to help your organization meet additional compliance or regulatory requirements.
Note:
REAL WORLD Mailboxes can use either managed folders or retention tags,
not both. If you no longer want to use managed folders for messaging
records management, you can remove all records management settings from a
Mailbox server by deleting managed custom folders and managed mailbox
policies. When you remove all managed custom folders and all managed
mailbox policies, the Managed Folder Assistant performs the following
tasks the next time it runs for all mailboxes with records management
enabled: it removes mailbox policy settings from managed folders, removes
empty managed custom folders, and converts managed custom folders with
items to standard folders. When you are sure the Managed Folder Assistant
has run and completed the cleanup, you'll know managed folders are no
longer being used.
Hold
policy can help you recover accidentally deleted items and can also be
used as part of retention. Previously, if a user wanted items that were
written to backups, you had to find the backup media that contains the
data, find the items, and return them to the user. Exchange 2010
includes the Recoverable Items folder to make this process easier.
The Recoverable Items folder
is the storage location in which items deleted from the Deleted Items
folder are located until they're purged from the Mailbox database. With
this folder and the hold policy that can be applied to it, Exchange can
retain all deleted and modified data for a specified period of time, and
you can recover items directly from it, streamlining an otherwise
lengthy process.
When you are using the Search-Mailbox cmdlet, you can set the -SearchDumpster parameter to $true to search the Recoverable Items folder. With Set-Mailbox,
you can set the -LitigationHoldEnabled parameter to $true to specify
that a mailbox is under litigation hold and that its messages can't be
deleted. After a mailbox is placed on litigation hold, deleted items and
all versions of changed items are retained in the Recoverable Items
folder. Items that are purged from the dumpster are also retained, and
the items are held indefinitely.
2. Creating and Applying Retention Tags
You deploy retention tags
by creating retention policy tags for default folders and then creating
and applying retention policies to mailboxes. You work with retention
tags and policies in the Exchange Management Shell. Keep the following
in mind:
Commands for creating and working with retention policy tags include Get-RetentionPolicyTag, New-RetentionPolicyTag, Set-RetentionPolicyTag, and Remove-RetentionPolicyTag.
Commands for creating and working with retention policies include Get-RetentionPolicy, New-RetentionPolicy, Set-RetentionPolicy, and Remove-RetentionPolicy.
To create a retention
policy tag, you use the Type parameter to specify a default folder that
the retention policy tag applies to, as shown in this example:
New-RetentionPolicyTag "Managers-DeletedItems" -Type "DeletedItems" -MessageClass "AllMailboxContent" -RetentionEnabled $true -AgeLimitForRetention 30 -RetentionAction PermanentlyDelete
Here, you configure
retention for the DeletedItems folder. You also could have configured
retention for Calendar, Contacts, Drafts, Inbox, JunkMail, Journal,
Notes, Outbox, SentItems, Tasks, or All. The -MessageClass parameter specifies the
type of item to retain, such as CallItems, Contacts, Documents, E-Mail,
Faxes, Journal, MeetingRequest, MissedCall, Notes, Posts, Tasks, and
Voicemail. Once the age limit has expired, the retention action is
performed. Retention actions include MoveToDeletedItems, MoveToFolder,
DeleteAndAllowRecovery, PermanentlyDelete, MarkAsRetentionLimit, and
MoveToArchive.
Note:
PermanentlyDelete permanently
deletes a message. A message that has been permanently deleted can't be
recovered using the Recoverable Items folder. Permanently deleted
messages are not returned in a Discovery search unless a litigation hold
is enabled for the mailbox.
Retention policies contain
retention tags with managed content settings and are applied to
mailboxes to control retention. After you create your retention tags,
you can specify the list of tags to associate with a retention policy,
as shown in this example:
Set-RetentionPolicy -Identity ManagersRP -RetentionPolicyTagLinks "Managers-Default", "Managers-Inbox", "Managers-DeletedItems"
Because the list of tags you provide replaces any previous list of associated tags, you'll want to get any existing tags associated with the policy and append new tags as shown in this example:
# Read the current links first; Set-RetentionPolicy replaces the whole list.
$tags = (Get-RetentionPolicy ManagersRP).RetentionPolicyTagLinks
$newtag1 = Get-RetentionPolicyTag Managers-Default
$newtag2 = Get-RetentionPolicyTag Managers-Inbox
$newtag3 = Get-RetentionPolicyTag Managers-DeletedItems
# Append the new tags as a list; "+" between tag objects is not defined.
$tags += $newtag1, $newtag2, $newtag3
Set-RetentionPolicy ManagersRP -RetentionPolicyTagLinks $tags
After you associate retention
tags with retention policies, you'll want to apply retention policies
to mailboxes using Set-Mailbox with the -RetentionPolicy parameter, as
shown in this example:
Set-Mailbox "timj" -RetentionPolicy ManagersRP
You can also apply a retention policy to the current members of a specific distribution group, as shown in this example:
Get-DistributionGroupMember -Identity "Managers" | Set-Mailbox -RetentionPolicy ManagersRP
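The following check is an added example, not code from the original text. It lists mailboxes whose retention policy links an enabled PermanentlyDelete tag while litigation hold is off, which is the case in which expired items cannot be recovered or returned by a Discovery search. The function name, the New-Sample helper, the sample objects (including the mailbox heldbox and the 365-day Inbox limit), and the assumption that policy and tag links convert to their names as strings are illustrative.

```powershell
# Added example. All sample objects below are constructed, not Exchange output.
# Assumption: RetentionPolicy and tag links convert to their names via [string].
function Get-UnheldPurgeExposure {
    param($Mailboxes, $Policies, $Tags)
    # Index tags by name so policy links can be resolved.
    $tagByName = @{}
    foreach ($t in $Tags) { $tagByName[[string]$t.Name] = $t }

    # Per policy, keep only enabled tags whose action is PermanentlyDelete.
    $purgeTags = @{}
    foreach ($p in $Policies) {
        $hits = @()
        foreach ($link in $p.RetentionPolicyTagLinks) {
            $t = $tagByName[[string]$link]
            if ($t -and $t.RetentionEnabled -and
                [string]$t.RetentionAction -eq 'PermanentlyDelete') { $hits += $t }
        }
        $purgeTags[[string]$p.Name] = $hits
    }

    foreach ($m in $Mailboxes) {
        # A litigation hold keeps purged items discoverable, so skip held mailboxes.
        if ($m.LitigationHoldEnabled -or -not $m.RetentionPolicy) { continue }
        $hits = $purgeTags[[string]$m.RetentionPolicy]
        if (-not $hits) { continue }   # also guards PowerShell 2.0 foreach-over-$null
        foreach ($t in $hits) {
            New-Object PSObject -Property @{
                Mailbox = $m.Name; Policy = [string]$m.RetentionPolicy
                Tag = $t.Name; Folder = [string]$t.Type; AgeLimitDays = $t.AgeLimitForRetention
            }
        }
    }
}

function New-Sample($p) { New-Object PSObject -Property $p }
$tags = @(
    (New-Sample @{ Name='Managers-DeletedItems'; Type='DeletedItems'; RetentionEnabled=$true
                   RetentionAction='PermanentlyDelete'; AgeLimitForRetention=30 }),
    (New-Sample @{ Name='Managers-Inbox'; Type='Inbox'; RetentionEnabled=$true
                   RetentionAction='MoveToDeletedItems'; AgeLimitForRetention=365 })
)
$policies  = @(New-Sample @{ Name='ManagersRP'
                   RetentionPolicyTagLinks=@('Managers-Inbox','Managers-DeletedItems') })
$mailboxes = @(
    (New-Sample @{ Name='timj';    RetentionPolicy='ManagersRP'; LitigationHoldEnabled=$false }),
    (New-Sample @{ Name='heldbox'; RetentionPolicy='ManagersRP'; LitigationHoldEnabled=$true })
)
Get-UnheldPurgeExposure $mailboxes $policies $tags | Format-Table -AutoSize
# Live data: Get-UnheldPurgeExposure (Get-Mailbox -ResultSize Unlimited) (Get-RetentionPolicy) (Get-RetentionPolicyTag)
```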
Autotagging
automatically assigns retention tags to items in mailboxes based on a
user's past tagging behavior. To use autotagging, a retention policy
must be assigned to a mailbox. You can enable autotagging for a mailbox
as shown in this example:
Set-MailboxComplianceConfiguration -Identity "timj" -RetentionAutoTaggingEnabled $true
You can also apply autotagging to the current members of a specific distribution group, as shown in this example:
Get-DistributionGroupMember -Identity "Managers" |
Set-MailboxComplianceConfiguration -RetentionAutoTaggingEnabled $true
If you want to
temporarily suspend processing of retention policies for a mailbox, such
as when a user is on vacation or maternity leave, you can place the
mailbox on retention hold. To do this in the Exchange Management
Console, double-click the user's mailbox to open the related Properties
dialog box. On the Mailbox Settings tab, double-click Messaging Records
Management. Select Enable Retention Hold For Items In This Mailbox.
Optionally, set a start date and an end date for the retention hold.
Click OK to save your settings.
3. Applying Records Management to a Mailbox Server
After you've configured records management for your organization and
applied policies to user mailboxes, you can begin managing records on
the individual Mailbox servers in your organization. In Exchange Server
2010, the Managed Folder Assistant is responsible for applying records
management settings. The Assistant does the following:
Creates the necessary managed custom folders in user mailboxes
Moves or removes items according to their retention settings
Creates journal items in mailboxes in other locations
Each Mailbox server in
your organization has a Managed Folder Assistant that runs according to a
schedule you specify. It attempts to process all the mailboxes on a
server in the specified amount of time. If it does not finish during the
allotted time, it resumes processing where it left off the next time it
runs.
In the Exchange Management Console, you can enable records management and schedule the
Managed Folder Assistant to run by completing the following steps:
In the Exchange Management Console, expand the Server Configuration node, and then select the related Mailbox node.
Right-click the Mailbox server you want to configure, and then select Properties.
In the Properties dialog box, click the Messaging Records Management tab.
Select Use Custom Schedule from the list, and then click Customize.
In the Schedule dialog box, select the times and days during which you want the Managed Folder Assistant to run. Click OK to close the Schedule dialog box, and then click OK to close the server's Properties dialog box.
In the Exchange Management Console, you can disable records management by completing the following steps:
In the Exchange Management Console, expand the Server Configuration node, and then select the related Mailbox node.
Right-click the Mailbox server you want to configure, and then select Properties.
In the Properties dialog box, click the Messaging Records Management tab.
In the Start Messaging Records Management Enforcement Process list, select Never. Click OK.
In the Exchange Management Shell, you can enable and disable records management by using the
-ManagedFolderAssistantSchedule parameter of the Set-MailboxServer
cmdlet. Example 1 provides the syntax and usage. Note that it is easiest to schedule run times using a 24-hour clock.
Example 1. Enabling and disabling records management
Syntax
Set-MailboxServer -Identity 'ServerIdentity' -ManagedFolderAssistantSchedule 'Schedule'
Usage for enabling records management
Set-MailboxServer -Identity 'CorpSvr127' -ManagedFolderAssistantSchedule 'Sun.01:00-Sun.05:00', 'Wed.01:00-Wed.05:00'
Usage for disabling records management
Set-MailboxServer -Identity 'CorpSvr127' -ManagedFolderAssistantSchedule $null
In the Exchange Management
Shell, you can manually start and stop records management by using the
Start-ManagedFolderAssistant and Stop-ManagedFolderAssistant cmdlets,
respectively. When you start the assistant manually, any current
processing of mailboxes stops, and the assistant reprocesses all
mailboxes on the server. Example 2 provides the syntax and usage.
Example 2. Starting and stopping records management manually
Syntax
Start-ManagedFolderAssistant -Identity 'ServerIdentity'
Stop-ManagedFolderAssistant -Identity 'ServerIdentity'
Usage
Start-ManagedFolderAssistant -Identity 'CorpSvr127'