Forum Discussion
Purging Malicious Emails via O 365 Security and Compliance
We aren't talking about https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/manage-quarantined-messages-and-files, emails in the quarantine are yet to be delivered and will be deleted automatically after the time has elapsed, 30 days by default?
If you are deleting malicious emails you can use a Content Search with PowerShell if that's the process you are following:
"The final step is to run the New-ComplianceSearchAction cmdlet to delete the message. You can soft- or hard-delete the message. A soft-deleted message is moved to a user's Recoverable Items folder and retained until the deleted item retention period expires. Hard-deleted messages are marked for permanent removal from the mailbox and will be permanently removed the next time the mailbox is processed by the Managed Folder Assistant."
https://docs.microsoft.com/en-gb/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization
https://www.geekshangout.com/office-365-deleting-email-mailboxes-using-content-search-feature/
It easier with Office 365 E5 or ATP Plan 2 add-on, as this is in the interface without needing PowerShell - https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered#find-and-delete-suspicious-email-that-was-delivered.
- What if I use the GUI to delete malicious messages? That is the method I use but it does not seem to work.
Tatabime Without knowing more on exactly what process you are following (the previous links I posted show how this should work), I'd suggest opening a ticket with Office 365 support if it's not working the way you are expecting, would be the next step I'd do.
