Quarantine Messages, Transport rules, Security and Compliance

Brass Contributor

Hey Team, 


Hoping you can assist here. We had an Admin who mistakenly added the company name to a transport rule (Rule: Block - Subject or Message Body contains) - which means all emails inbound and outbound were quarantined. 


This totals about 120K messages. We are currently using Get/Release quarantine message (with 3 accounts) to release those messages. However we have only managed to release about 45K messages in 24 hours. 


We've already opened a Critsit with Microsoft but at this time there isn't anything they can do. Do you guys have any ideas as to how we can make the release process go faster? 


Here is the cmdlet were using: 


$Count = 1..125

$Count | % {

Get-QuarantineMessage -ReleaseStatus NOTRELEASED -PageSize 1000 -StartReceivedDate "06/28/23 23:30:00" -EndReceivedDate "06/29/23 16:30:00" -QuarantineTypes TransportRule -Direction Outbound  -PolicyName "Block - Subject or Body Contains Word or Phrase" -PolicyTypes "ExchangeTransportRule" | Release-QuarantineMessage -ReleaseToAll;Sleep -seconds 120}





3 Replies

Hi @Robert Bollinger,

From my perspective you're already in the correct way. There's no other way, ( that I know ), to achieve this task and the limit of 1000 per run makes sense in order to not interfer with the EXO delivering limits. 

Exchange Online limits - Service Descriptions | Microsoft Learn


Yep. We were able to escalate this CritSit to the product group. (well support was). And they confirmed the cmdlet was correct.

They were able to come through though as the product group was able to run the cmdlet for us and release all of the messages.

It took them like 3 hours to release all the messages. Where as it took us all night (With 3 accounts) to release about 25K messages.

So product group for the win


@Robert Bollinger 

Believed you are in the right way for this situation