«
»

Find and Delete Email Messages

We had some malware sneak through our email security this morning.  Here’s how I deleted those messages.

Connect to the Compliance area of 365:

$UserCredential = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirectio

Import-PSSession $Session

Find the messages and view the results (I was able to search by subject but there are other options):

 New-ComplianceSearch -identity “Remove Phishing Message” -ExchangeLocation all -ContentMatchQuery ‘subject:”TOP URGENT”‘ Start-ComplianceSearch -Name “Remove Phishing Message”

Get-ComplianceSearch -identity “Remove Phishing Message” | fl

Delete the messages:

New-ComplianceSearchAction -SearchName “Remove Phishing Message” -Purge -PurgeType SoftDelete

This entry was posted on July 26, 2016 at 7:34 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s