Exchange 2010: Retention Tags and Policies 101

People have asked me a lot in the past about how Retention Policies/Tags work within Exchange 2010, and how they can be utilized for their day-to-day tasks. Here is a good overview of what Retention Policies and Tags are, and my experience of how they work...

Types of Retention Tags:

Retention tags are flags used to set retention settings on messages and folders within Exchange 2010 Mailboxes. In Exchange 2010 we have three tag types to choose from:

  • Retention Policy Tags (RPT)
    • These tags are created and applied to default folders within the mailbox (e.g. Inbox, Deleted Items, Sent Items, etc.)
    • You can only apply one RPT to each default folder per retention policy
  • Default Policy Tag (DPT)
    • This tag is applied to all other items where an RPT is not applied
    • You can only have one DPT per retention policy
  • Personal Tags - User-assigned tags within Outlook 2010 or OWA

 

Settings within the Retention Tags:

When we set up the tags, we get several options:

1)      The Tag Name

2)      The Tag Type – this is where we determine whether the tag is a DPT, an RPT or a Personal tag. If we select the Tag Type to be the Inbox or the RSS Feeds folder, then this is an RPT (since these are a few of the default folders that are created with a new mailbox). If I choose the option of All other folders in the mailbox, then this would be a DPT (since this covers any folder/subfolder that is not tagged by an RPT), and if I select Personal Folder, that would be a Personal Tag.

3)      Age Limit for retention (days) – this is the amount of time the item exists before we perform the “Action”

4)      Action to take when the age limit is reached – when we hit the age limit specified in #3 (Age Limit for Retention) we need to perform an action. There are three actions that we can have a retention policy tag perform:

  1. Delete and Allow Recovery – this means we will delete the item, and keep it within the Recoverable Items Folder for the deleted items retention period (allowing recovery)
  2. Permanently Delete – this is something I typically do not recommend, as this hard deletes an item. What does hard delete mean? When this item is deleted it bypasses the Recoverable Items Folder and is no longer recoverable unless you have a backup.
  3. Move to Archive - if you have an online archive, then the item will be moved there.
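
The four settings above map directly onto parameters of New-RetentionPolicyTag. As an added example (not from the original post; the tag names, policy name and age limits are made up for illustration), this creates one tag of each type, bundles them into a retention policy and assigns it to a mailbox:

```powershell
# Added example: run in the Exchange Management Shell.
# All names and age limits below are hypothetical.

# RPT: -Type names a default folder (here the Inbox).
# Items are deleted after 365 days but stay in Recoverable Items.
New-RetentionPolicyTag -Name "Example-Inbox-1yr" `
    -Type Inbox `
    -AgeLimitForRetention 365 `
    -RetentionAction DeleteAndAllowRecovery `
    -RetentionEnabled $true

# DPT: -Type All covers everything that has no RPT.
# Items move to the online archive after 730 days.
New-RetentionPolicyTag -Name "Example-Default-2yr-Archive" `
    -Type All `
    -AgeLimitForRetention 730 `
    -RetentionAction MoveToArchive `
    -RetentionEnabled $true

# Personal tag: -Type Personal; users pick it themselves in the client.
New-RetentionPolicyTag -Name "Example-Personal-5yr" `
    -Type Personal `
    -AgeLimitForRetention 1825 `
    -RetentionAction DeleteAndAllowRecovery `
    -RetentionEnabled $true

# A retention policy is the set of tags handed to a mailbox:
# at most one RPT per default folder and at most one DPT.
New-RetentionPolicy -Name "Example-Standard" `
    -RetentionPolicyTagLinks "Example-Inbox-1yr", "Example-Default-2yr-Archive", "Example-Personal-5yr"

# Assign the policy; the tags are stamped the next time the MFA processes the mailbox.
Set-Mailbox -Identity user@contoso.com -RetentionPolicy "Example-Standard"

# Review the result before the MFA acts on it.
Get-RetentionPolicyTag |
    Format-Table Name, Type, AgeLimitForRetention, RetentionAction, RetentionEnabled -AutoSize
```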

 

What is this Managed Folder Assistant (MFA) that you speak of?

Managed Folder Assistant (MFA) is the process that applies the message retention settings, calculates the times and performs the actions of the retention policy (and tags). The MFA was a scheduled task back in 2010 RTM (it used to run from 9PM to 6AM by default) but is now a throttled assistant, meaning that the resources it can consume are throttled (to ensure that it won't overconsume your system resources). Even though the Managed Folder Assistant is a throttled assistant, we can still schedule it to scan all mailboxes each day. This is called a work cycle.

Let's say we want all the mailboxes to be processed by the MFA every day, with the tags updated and items moved as per the retention policy. We would do this:

    Set-MailboxServer <NAMEOFSERVER> -ManagedFolderWorkCycle 1

In the cmdlet above, we are telling the MFA to run a pass against all the mailboxes on the mailbox server at least once a day. Let's also take the situation where we need to scan a mailbox using the MFA immediately so that changes can take effect:

    Start-ManagedFolderAssistant -Identity user@contoso.com

Using the alias/UPN/email address we can now say to the MFA "Please scan this mailbox with priority now, and apply the retention policy as designed".

What happens if I apply an RPT, or a DPT to a mailbox through a Retention Policy?

If you apply a Retention Policy Tag (RPT) to a default folder (for this example, we will use the Inbox as the default folder), then all the items in the root of that folder, and in each child folder, are tagged. In this example we have one root default folder called Inbox, and two children called Yeay and Retention Tag WOW. The Managed Folder Assistant will mark all items in these folders and also mark the age (and take the action of the RPT when the age limit is hit) until the item is moved out. Once the item is removed from a folder with an RPT, and once the MFA (Managed Folder Assistant) runs against the mailbox, the old tag is dropped from the mail item and the item is retagged with the appropriate tag (if the folder it is moved to has a tag, the item is retagged with it; if not, there is no tag to apply).

Now, what happens if we add a Default Policy Tag (DPT) to this picture? Well, as we remember from above, the DPT is applied to any folder that does NOT have a Retention Tag associated with it, which includes default folders that do not have tags and non-default root folders (in my example above the non-default root folder is "Im a non-default root folder"), along with the Online Archive. So, with this said, if I move some items out of the Inbox that has an RPT on it into the folder "Im a non-default root folder", then the following actions will happen when the MFA runs against the mailbox:

1)      The old RPT will be removed, and the DPT will be applied.

2)      The age of the item will be stamped, and depending on the DPT, action might be taken on the item if it meets or exceeds the Age Limit attribute on the DPT.

In conclusion, it is important to properly plan out the retention tags and policies according to your business requirements, but also to make sure you do not lose important data. I personally don't recommend using a DPT that says "Permanently Delete" unless you have a real-time data protection solution (such as System Center Data Protection Manager), but that is something you need to discuss with your staff.
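
To check an existing organization against that advice, the following added example (not from the original post) lists every enabled tag whose action is Permanently Delete, the policies that link to it, and how many mailboxes carry each policy. Get-LinkName is a hypothetical helper, and the script assumes that tag links and a mailbox's RetentionPolicy value match the tag or policy Name.

```powershell
# Added audit example: run in the Exchange Management Shell.
# Assumption: tag links and Mailbox.RetentionPolicy compare equal to the
# object's Name, either via a Name property or once converted to a string.

function Get-LinkName($link) {
    # Hypothetical helper: use the Name property when present, else the string form.
    if ($link.Name) { $link.Name } else { "$link" }
}

# Enabled tags that hard delete, i.e. bypass the Recoverable Items folder.
$hardDeleteTags = @(Get-RetentionPolicyTag |
    Where-Object { $_.RetentionEnabled -and $_.RetentionAction -eq 'PermanentlyDelete' })

$policies  = @(Get-RetentionPolicy)
$mailboxes = @(Get-Mailbox -ResultSize Unlimited | Where-Object { $_.RetentionPolicy })

$report = foreach ($tag in $hardDeleteTags) {
    foreach ($policy in $policies) {
        # Skip policies that do not link to this tag.
        $linked = @($policy.RetentionPolicyTagLinks | ForEach-Object { Get-LinkName $_ })
        if ($linked -notcontains $tag.Name) { continue }

        # Mailboxes that will have this tag stamped by the MFA.
        $assigned = @($mailboxes |
            Where-Object { (Get-LinkName $_.RetentionPolicy) -eq $policy.Name })

        New-Object PSObject -Property @{
            Tag          = $tag.Name
            TagType      = $tag.Type      # "All" means the tag is a DPT
            AgeLimit     = $tag.AgeLimitForRetention
            Policy       = $policy.Name
            MailboxCount = $assigned.Count
        }
    }
}

$report | Sort-Object TagType, Policy |
    Format-Table Tag, TagType, AgeLimit, Policy, MailboxCount -AutoSize
```

A row with TagType All is a DPT that permanently deletes, which is the case called out above.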

If you have any questions, leave them below in the comments section.