This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
I have been attempting to corelate the items above in regards to Microsoft 365 email and compliance policy.
First and foremost, by default, without archive enabled, how long does email lived in a mailbox if we dont delete it?
Next, lets say a user account (archive disabled) who have been deleted or his subscription revoked, will the mail content which transit to and from his mailbox, be searchable from content search or eDiscovery?
Finally, does retention policy only works when archived is enabled to a user? if archived is not enabled, what ever retention policy will not be process (including the default MDM policy). is this true?
I received this question from our customer who plans to retain their user account mailbox history up to 7 years, regardless that the user account has been deleted (due to resignation for example). But they plan to use it in a covert fashion, i.e the user is not aware that their email is being kept. Also in terms of use case, eDiscovery fits for uses in legal issues, but to retain email in its true sense, a backup (like veeam) is much more suitable. Is this a correct assumption?
Appreciate for your feedback.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
by default, without archive enabled, how long does email lived in a mailbox if we dont delete it?
When a new mailbox is created, the default MRM policy would be automatically applied to it.
Below is a list of the default retention tags in the default MRM policy:
The default DPT in the default MRM policy would move items which are 2 years old to archive mailbox.
Since the mailbox doesn't have archive enabled, it would have no effect and the items would remain in the primary mailbox as long as you don't delete them.
If you enable archive for the mailbox, items which reach two years old would be moved to archive mailbox.
lets say a user account (archive disabled) who have been deleted or his subscription revoked, will the mail content which transit to and from his mailbox, be searchable from content search or eDiscovery?
If you deleted a user account or remove the license from the account, the mailbox data would be retained for 30 days.
During this period, you can still recover the mailbox data by undeleting the account.
After 30 days, the data is permanently removed.
Meanwhile, contents in the mailbox would become unsearchable from content search or eDiscovery.
Please refer to this link: Searching disconnected or de-licensed mailboxes
However, if you would like to keep the data, you may also consider applying hold on the mailbox to convert it to an inactive mailbox before you remove the user account.
More details are introduced in these links:
Learn about inactive mailboxes
Create and manage inactive mailboxes
does retention policy only works when archived is enabled to a user? if archived is not enabled, what ever retention policy will not be process (including the default MDM policy). is this true?
No.
MRM (retention policy) has two actions, move to archive and delete.
If you have a custom retention policy or modified the default one,
for example, you add a DPT which would permanently delete items which are 1 year old,
it would still work on mailboxes which have this retention policy assigned even if these mailboxes don't have archive enabled.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi, thanks for the clarification. I have been reading and researching upon your answer and have additional inquiries related to this.
I realize that in oder for litigation hold to work, we need Exchange online plan 2.
In order for eDiscovery to work, we require M365 Business premium (content search), E3 (core eDIscovery) a,d E5 (advance Ediscovery).
What I find it odd is that there is no point to have litigation hold if we dont have the correct license for eDiscovery.
In order litigation hold to function properly, we need to search, which at minimum customer must purchase business premium. Is this a correct assumption?
Hi,
Since here on Microsoft Q&A forum we mainly focus on technical issues, I would recommend posting in Microsoft Community for this question which is more related to license.
Thanks for your understanding.
Here is also a link which may be helpful: Microsoft 365 guidance for security & compliance