This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 2%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
Hello!
I need to remove a phishing email from an Exchange 2019 On-Prem environment of over 10,000 mailboxes. I have tried "Get-Mailbox -Database "..." -ResultSize Unlimited | Search-Mailbox -SearchQuery ..." -DeleteContent -Force", but on our larger databases the it fails as there are too many mailboxes and/or overuses the server resources. I am attempting to use the New-ComplianceSearch, but I think I am running into an issue with the search only returning 1000 results. Does anyone have recommendations on how to clean a single email out of a large number of mailboxes with over 1000 results? I'd love a how-to or even recommendations for a third-party solution.
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 80%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAL%3C/text%3E%3C/svg%3E)
Hi @Rachel N ,
I'm here to confirm with you if your issue has been resolved.
If the problem is successfully solved, you can share your solution or accept the helpful reply as answer, this will make answer searching in the forum easier and be beneficial to other community members as well.
If you still have further questions or concerns, feel free to post back. Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 91%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPT%3C/text%3E%3C/svg%3E)
Hi,
Please refer to this documentation for the eDiscovery limits: https://learn.microsoft.com/en-us/microsoft-365/compliance/limits-for-content-search?view=o365-worldwide
The 1000 results you see are the limit of the preview.
In case you need to review more, you can try the method described here: https://learn.microsoft.com/en-us/exchange/policy-and-compliance/ediscovery/compliance-search?view=exchserver-2019#optional-step-2-verify-the-number-of-source-mailboxes-in-the-compliance-search
BR,
P
Hi @Rachel N ,
According to the official documentation , the maximum number of mailboxes that can be searched in a single search is 10,000 in on-prem exchange.
Moreover ,in this documentation, a compliance search will return a maximum of 500 source mailboxes that contain search results.
It is suggested that you could try creating two (or more) compliance searches and change the search criteria to reduce the number of mailboxes that contain search . For example, you could specify a date range or refine the keyword query.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.