I am in a hybrid environment with Exchange 2016. All mailboxes have been migrated to EOL. I would like to create a retention policy that would prevent a user from permanently deleting emails.  I've read a lot of MS documentation but I'm still unclear if this is possible.  Our current retention policy deletes after two years but I don't know if a user permanently deletes an email if that email is retained for discovery requests up to that two year mark? Is there a MS solution for this? Thanks!

Just to clarify, are you talking about Exchange Online retention policy, or Office 365 retention policy? The former do not actually prevent users from deleting messages. Use a retention policy from the Compliance center instead (, in which case the messages will be preserved as mentioned by Adin above.
