cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Quarantine Messages, Transport rules, Security and Compliance

Robert Bollinger
Brass Contributor

‎Jun 30 2023 06:08 AM

‎Jun 30 2023 06:08 AM

Quarantine Messages, Transport rules, Security and Compliance

Hey Team, 

 

Hoping you can assist here. We had an Admin who mistakenly added the company name to a transport rule (Rule: Block - Subject or Message Body contains) - which means all emails inbound and outbound were quarantined. 

 

This totals about 120K messages. We are currently using Get/Release quarantine message (with 3 accounts) to release those messages. However we have only managed to release about 45K messages in 24 hours. 

 

We've already opened a Critsit with Microsoft but at this time there isn't anything they can do. Do you guys have any ideas as to how we can make the release process go faster? 

 

Here is the cmdlet were using: 

 

$Count = 1..125

$Count | % {

Get-QuarantineMessage -ReleaseStatus NOTRELEASED -PageSize 1000 -StartReceivedDate "06/28/23 23:30:00" -EndReceivedDate "06/29/23 16:30:00" -QuarantineTypes TransportRule -Direction Outbound  -PolicyName "Block - Subject or Body Contains Word or Phrase" -PolicyTypes "ExchangeTransportRule" | Release-QuarantineMessage -ReleaseToAll;Sleep -seconds 120}

 

Thanks, 

 

Robert 

581 Views
0 Likes
3 Replies
Reply
3 Replies
FcoManigrasso

‎Jun 30 2023 07:39 AM

‎Jun 30 2023 07:39 AM

Re: Quarantine Messages, Transport rules, Security and Compliance

Hi @Robert Bollinger,

From my perspective you're already in the correct way. There's no other way, ( that I know ), to achieve this task and the limit of 1000 per run makes sense in order to not interfer with the EXO delivering limits. 

Exchange Online limits - Service Descriptions | Microsoft Learn

 

0 Likes
Reply
Robert Bollinger

‎Jul 02 2023 01:15 PM

‎Jul 02 2023 01:15 PM

Re: Quarantine Messages, Transport rules, Security and Compliance

Yep. We were able to escalate this CritSit to the product group. (well support was). And they confirmed the cmdlet was correct.

They were able to come through though as the product group was able to run the cmdlet for us and release all of the messages.

It took them like 3 hours to release all the messages. Where as it took us all night (With 3 accounts) to release about 25K messages.

So product group for the win

Robert
1 Like
Reply
Kidd_Ip

‎Jul 03 2023 02:07 AM

‎Jul 03 2023 02:07 AM

Re: Quarantine Messages, Transport rules, Security and Compliance

@Robert Bollinger 

Believed you are in the right way for this situation

 

0 Likes
Reply