Getting Started with Messaging Records Management
Messaging records management (MRM) is the records management technology in Microsoft Exchange Server 2007 Enterprise Edition that helps organizations to reduce the legal risks that are associated with e-mail messages and other communications. MRM gives users the ability to keep messages that are needed to comply with company policy, government regulations, or legal needs, and to remove content that has no legal or business value. This is accomplished through the use of managed folders, which are mailbox folders to which managed folder mailbox policies have been applied. The administrator or the user places these managed folders in the user's mailbox, and then users sort messages into the managed folders according to their needs and their organization's message retention policy. Messages placed in the managed folders are then periodically processed by Exchange according to the managed folder mailbox policies. When a message reaches a retention limit, it is archived, deleted, or flagged for user attention, or the event is simply logged.
Other new features in Exchange 2007 can help organizations to comply with legal discovery orders more efficiently and monitor user compliance with the organization's records management policies.
This article describes how MRM works, lists some of the things to consider when planning and implementing a records management solution, and gives a walkthrough of how to set up a simple MRM implementation.
How Does MRM Work?
At the heart of MRM is the managed folder assistant, a Microsoft Exchange Mailbox Assistant that configures users' mailboxes and processes mailbox contents according to an MRM configuration that you create.
As an example, to create a very simple test MRM setup, you could use the Exchange Management Console or the Exchange Management Shell to:
Create a managed folder with settings that direct the managed folder assistant to journal (archive) any new items that have been added to the folder.
Create a second managed folder with settings that direct the managed folder assistant to delete anything in the folder that is more than 30 days old.
Create a managed folder mailbox policy that directs the managed folder assistant to add the two new managed folders to every user's mailbox the next time it runs.
Schedule the managed folder assistant to run so it can add the new managed folders to users' mailboxes.
Direct users to move single items or entire folders into the new managed folders according to their needs and the organization's messaging policy.
Schedule the managed folder assistant to run so it can journal the contents of the first managed folder and delete the contents from the second, according to the folder settings.
For more information, see the following:
For a walkthrough of the setup process, see "How Do I Set Up MRM?" later in this topic.
For details about MRM setup and configuration, see Managing Messaging Records Management.
For an overview of MRM, see Understanding Messaging Records Management.
Where Do I Start?
There are a lot of things to think about before implementing an MRM solution, not all of them technical. Here are some of the things that you will want to consider.
Setting up a sandbox installation to learn about installing, configuring, and maintaining MRM is a good first step. Exchange administrators who are well versed in the details of setting up and configuring MRM in a test environment are in a better position to consult with and make recommendations to other members of the organization on the technical requirements for a good MRM solution.
Policies and Plans
Setting up an ad hoc team to create or update the organization's records management policy is another important early step to consider when implementing an MRM solution. Among the groups to consider including in the policy creation or review process are:
Records management professionals
Information technology (IT) management
The team's task is to create a records management policy that is sufficiently broad in scope to address the organization's current and future needs, but also sufficiently clear and detailed to enable the policy to be implemented by an Exchange administrator as an MRM solution. The process of developing this policy can be a long one, because each team member considers, makes suggestions, and revises the work of the others, balancing legal requirements, budget, complexity, and administrative and human considerations to come up with a policy from which a workable MRM implementation can be created.
Not the least of the concerns for the team to consider, especially in organizations with a well developed e-mail culture, are user concerns and possible resistance to an MRM solution, and how to monitor and enforce the organization's messaging polices.
Keeping Messages Where They Can Be Managed
To manage messages, the managed folder assistant must have access to them. This means that messages must be stored on an Exchange server for effective messaging records management. This has two consequences:
Users' mailboxes must often be increased in size so that they can hold more items.
Access to Personal Folder (.pst) files on users' computers should be limited or eliminated.
Increasing Mailbox Size
Keeping all user messages in mailboxes on the server usually means increasing the size of users' mailboxes, possibly to a gigabyte or more. The higher performance of Exchange 2007 helps to make these larger mailboxes manageable.
Limiting Access to .pst Files
You can start moving users away from using .pst files by creating a Group Policy that prevents new items from being added to existing .pst files. Making .pst files read-only gives users access to the .pst files they may already have while encouraging them to keep the messages that they want to keep in their Exchange mailboxes. Eventually, you may want to create a Group Policy to remove access to .pst files altogether.
Limiting access to .pst files can disrupt some users' work habits, but it also has a number of advantages.
Keeping user messages on the server and limiting access to .pst files can:
Significantly increase the effectiveness of messaging records management by keeping messages where they can be managed and monitored.
Reduce the risk of losing important data that is stored on individual hard drives rather than on servers that are backed up regularly.
Help to reduce the loss of the organization's intellectual property when vendors, interns, and employees leave the organization.
Improve users' access to their data by keeping everything in their mailboxes.
Make Microsoft Outlook Web Access more effective because all user messages are available anywhere with only a Web connection.
Reduce the cost of legal discovery during a lawsuit. The process of capturing and discovering information that is stored in .pst files is labor-intensive and expensive because .pst files must first be located on user computers and then the contents must be processed by legal personnel.
To configure users' systems to operate without .pst files in Microsoft Office Outlook 2007
Create a Group Policy that sets the following registry subkey to a value of 1. This setting prevents users from adding anything new to .pst files. Users can still create new .pst files but they cannot add anything to them. This setting blocks only Microsoft Outlook .pst files. It allows Microsoft SharePoint .pst files to be connected and updated in a user's Outlook profile. A similar registry key can be used to disable writing to .pst files in Outlook 2003.
Create a Group Policy that sets the following registry subkeys to a value of 0. These settings disable the AutoArchive menu in Outlook and remove the AutoArchive option, which is shown when the user clicks Tools, clicks Options, and then clicks the Other tab.
HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/ArchiveDelete HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/ArchiveMount HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/ArchiveOld HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/DeleteExpired HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/DoAging HKEY_CURRENT_USER/Software/Policies/Microsoft/Office/12.0/Outlook/Preferences/PromptForAging
Create a Group Policy that sets the following registry subkey to a value of 5575. This setting removes the Outlook Data File option in Outlook, which is shown when the user clicks File, and then points to New.
Starting with a pilot implementation can help you to fine tune your MRM solution and get a sense of end-user satisfaction before an organization-wide rollout. For instance, you might discover that users find a six-month retention period for the Inbox too short, and that they are happier with a one-year limit. Or you may find that additional journaling means that you need to upgrade your archiving solution.
Members of an MRM planning team can be a good choice for the first members of an MRM pilot. Additional members can be recruited from IT personnel and from interested management personnel. When the pilot is in stable operation, you can recruit additional members of the organization to join. Any user reluctance to try managed messaging can sometimes be lessened with the promise of a bigger mailbox, automatic e-mail management (including automatic deletion of routine notices and messages that can be placed in a short-retention folder), and training to deal with any questions or concerns.
How Do I Roll Out MRM?
When it is time to implement your MRM solution in the entire organization, you may want to consider a phased rollout to allow both the people in the organization and your Exchange system to adapt to the changes required.
Human Considerations during MRM Rollout
Gradually introducing MRM to users gives them time to adapt to necessary changes in their work habits. A workable plan is to:
Do a pilot program to iron out any wrinkles in the solution and to refine the details.
Invite additional users to join the pilot program. Larger mailboxes can be an incentive to join.
When you are ready to roll out MRM to the entire organization, start by offering training on MRM and relevant organization messaging policies.
Increase the size of users' mailboxes.
Add managed folders to users' mailboxes, but with expiration turned off. Encourage users to familiarize themselves with MRM and to sort the contents of their mailboxes into the appropriate managed folders according to their needs and the organization's message retention policy.
Three weeks after users get managed folders, enable MRM and make .pst files read-only.
Be ready to provide a high level of support for users at the start of MRM implementation. (Training in advance of rollout reduces user questions and concern.)
Monitor system performance.
Monitor user compliance.
System Considerations during MRM Rollout
Your Exchange system, too, will need to adapt to MRM. The first time the managed folder assistant runs, it typically processes a large number of items. This can be a resource-intensive process for both the Mailbox server and the network. It can also result in Outlook clients consuming large amounts of time and network resources while synchronizing mailbox contents with the server. You should plan carefully to avoid overloading resources. Running the managed folder assistant when the load on the server is light and adding users gradually rather than all at once can help to ensure a smooth transition.
Training and the Human Element
People take their e-mail personally, even when it is not their personal e-mail. If faced with abrupt changes to the organization's messaging policies, users may feel annoyed or confused, especially if the new polices involve automatically deleting messages. Changes to long-established ways of doing things (such as never emptying the Inbox, or saving everything to .pst files) have the potential to cause significant disruption for some users. To assure that your MRM solution rollout proceeds with as little disruption and hard feelings as possible, consider the following.
Introduce MRM gradually rather than all at once.
Training users helps to address concerns in advance and makes for a smoother rollout. Some training subjects to consider include:
An introduction to the organization's messaging policies.
The necessity for messaging records management in the modern workplace, including an overview of the potential legal liability that results from a lack of records management, and how that liability can cost the organization money and endanger jobs.
How automatic e-mail deletion can be a timesaver, automatically getting rid of outdated content that routinely accumulates and becomes an annoyance.
How bigger mailboxes will provide more room for message storage.
How server-based storage increases mobile access to data.
How there may be unavoidable changes to the way users do things, such as not being able to add messages to .pst files, and the necessity of paying more attention to classifying and handling messages.
How MRM helps to conserve the organization's IT resources.
Notify users well in advance that changes are coming, giving them the exact dates that MRM will be implemented and reminding them of the details of the changes that will occur.
Excellent user support in the early phases of the rollout can ease the transition to MRM. Issues that arise at deployment are usually less technical than might be expected and more of the "What do I do?" nature. Having a team of people who can answer this type of question can make a big difference.
Compliance, Monitoring, and Enforcement
MRM is a powerful tool, but it isn't bulletproof. Among the ways that users can evade MRM are:
Saving messages to .pst files (if .pst files are not disabled by Group Policy).
Forwarding messages to other locations (such as a Microsoft Hotmail® account).
Saving messages as files on their computers.
Sending messages to Microsoft OneNote (with Outlook 2007).
Placing all of their mailbox folders in the managed folder with the longest retention setting.
Educating users about the organization's messaging policies can help to ensure compliance, but monitoring may be necessary to ensure that your MRM solution is effective. Enforcement of messaging policies will likely require involvement and guidance from senior management.
Getting User Compliance Information with the Get-MailboxFolderStatistics Cmdlet
You can use the Get-MailboxFolderStatistics cmdlet in the Exchange Management Shell to retrieve information about the folders in specified mailboxes, including the number and size of items in the folders, folder names and IDs, and other information. This can be an effective means of monitoring whether users are out of compliance with messaging policy (such as moving all of their mailbox items to folders with the most permissive retention policies).
In this example, the Get-MailboxFolderStatistics cmdlet is used to monitor the distribution of the contents of user John Peoples' managed folders.
Get-MailboxFolderStatistics -Identity jpeoples -FolderScope ManagedCustomFolder | Format-List
You can use the -FolderScope parameter to narrow the range of information returned by the command. In this example, only statistics about the contents of John's managed folders were requested.
In this command, the results are piped to the Format-List command to get more information and in a more useful format than with the Get-MailboxFolderStatistics command alone.
For more information about the Get-MailboxFolderStatistics cmdlet, see Get-MailboxFolderStatistics.
Complying with Legal Discovery Orders
The Export-Mailbox cmdlet in the Exchange Management Shell makes it easier to comply with legal discovery orders for mailbox contents by enabling you to copy the contents of specified mailboxes to a folder in another mailbox. For example, you could use the following command to copy the contents of user John Peoples' mailbox to a folder in a specially created mailbox named DiscoveryOrderMailboxes.
Export-Mailbox jpeoples -TargetMailbox DiscoveryOrderMailboxes -TargetFolder mailbox_jpeoples
The -TargetMailbox parameter specifies the mailbox to which the contents of John's mailbox are to be copied.
The -TargetFolder parameter specifies the folder in the target mailbox to which the contents of John's mailbox are to be copied.
For more information, see Export-Mailbox.
How Do I Set Up MRM?
A lot of planning goes into setting up a successful MRM solution, but the basic setup is fundamentally a five step process.
Let's walk through the steps for implementing a simple MRM solution by creating a managed folder and adding it to a user's mailbox. The entire process can be done with a graphical user interface in the Exchange Management Console, starting in the Mailbox node under Organization Configuration. In this example, however, we'll use the new Exchange Management Shell.
A Simple Example: The Retain One Month Folder
In this example, you'll create a new managed custom folder named Retain One Month. Managed folders with very short retention times are popular with users for storing routine, automated notices and other messages that are of only brief interest before turning into mailbox clutter. By routing messages like those to a managed folder with a short retention time, mailbox clutter is cleaned up automatically.
You can find detailed guidance about how to set up a more sophisticated MRM solution in the topic Managing Messaging Records Management.
For more information about how to use the Exchange Management Shell, see Using the Exchange Management Shell.
Step 1: Creating a Managed Folder
You can start an MRM solution by creating a new managed folder like you're doing here, or you can configure an existing managed folder (like the Inbox). (You can even create a new instance of the Inbox with different settings if you want.) For details, see How to Create a Managed Folder.
Including the retention limit (if any) in the name of managed folders (for example Long Term (5 years) or Personal Use (no age limit)) makes them easier to use because many users sort messages according to retention time.
You can also add a comment to a managed folder. Users will be able to see the comment when they select the folder in Outlook or Outlook Web Access. (The following code example is an illustration.)
Here's the command we'll run in the Exchange Management Shell to create a new managed folder.
New-ManagedFolder -FolderName "Retain One Month" -Name "ShortRetentionFolder" -Comment "Items in this folder are deleted after one month."
The -FolderName parameter specifies the folder name that the users see in the mailbox.
The -Name parameter specifies a separate name seen only by the administrator in the Exchange Management Shell and the Exchange Management Console.
The -Comment parameter is used to assign a comment that the user can see in Microsoft Outlook or Outlook Web Access.
For more information about the New-ManagedFolder cmdlet, see New-ManagedFolder.
Step 2: Creating Managed Content Settings for the Managed Folder
Now that we've created a managed folder, we'll use the following command to create managed content settings that direct the managed folder assistant to move anything in the folder that is more than 30 days old to the Deleted Items folder.
Here's the command that we'll run in the Exchange Management Shell to create the managed content settings.
New-ManagedContentSettings -FolderName "ShortRetentionFolder" -Name "Short Retention Setting" -MessageClass AllMailboxContent -AgeLimitForRetention "30" -RetentionAction MoveToDeletedItems -RetentionEnabled $true
The -FolderName parameter specifies the folder that the content settings apply to.
In the New-ManagedContentSettings command, the -FolderName parameter refers to the setting that was specified with the -Name parameter in the New-ManagedFolder cmdlet in Step 1.
The -Name parameter specifies the name of this content setting: Short Retention Setting.
The -MessageClass parameter specifies the message type to which the settings apply.
The -AgeLimitForRetention parameter tells the managed folder assistant the maximum age for items in the folder, in this case 30 days.
The -RetentionAction parameter specifies what the managed folder assistant should do with items that are at the end of their retention limit. Here you're moving them to the Deleted Items folder.
The -RetentionEnabled parameter turns on retention processing. If this parameter is set to
$false, the managed folder assistant ignores content settings for retention. If you specify a value with the -RetentionAction parameter, you must set -RetentionEnabled to
For detailed information about creating managed content settings, see How to Create Managed Content Settings.
For more information about the New-ManagedContentSettings cmdlet, see New-ManagedContentSettings.
Step 3: Creating a Managed Folder Mailbox Policy
Next, we link the managed folder that we have created to a managed folder mailbox policy. Managed folder mailbox policies are used to create logical groupings of managed folders, which makes adding managed folders to users' mailboxes easy.
For example, in the preceding illustration, a policy called Research Staff was created and linked to two managed folders: an Inbox with 180 day retention and another managed folder named R&D Folder. The Research Staff policy is then applied to the mailboxes of all new employees who join the research team, and the two managed folders are automatically added to their mailboxes.
When working with managed folder mailbox policies, keep the following points in mind:
You can add as many managed folders to a managed folder mailbox policy as you want.
You can create as many managed folder mailbox policies as you want.
Each user mailbox, however, can have only one managed folder mailbox policy.
Supporting multiple managed folder mailbox policies can be difficult from a support and maintenance perspective because it can require changes to user settings when users change roles in the organization.
Here's the command we'll run in the Exchange Management Shell to create the managed folder mailbox policy.
New-ManagedFolderMailboxPolicy -Name ShortRetentionPolicy -ManagedFolderLinks ShortRetentionFolder
We use the -Name parameter to give the new policy the name ShortRetentionPolicy.
The -ManagedFolderLinks parameter is used to link the ShortRetentionFolder folder we created in Step 1 to ShortRetentionPolicy policy.
For detailed information about creating managed folder mailbox policies, see How to Create a Managed Folder Mailbox Policy.
For more information about the New-ManagedFolderMailboxPolicy cmdlet, see New-ManagedFolderMailboxPolicy.
Step 4: Applying the Policy to a Mailbox
The next step is to apply the managed folder mailbox policy we have created to a user's mailbox. This causes the managed folder assistant to add the folders that are linked to the policy to the mailbox.
Here's the command we'll run in the Exchange Management Shell to apply our managed folder mailbox policy to a user's mailbox.
Set-Mailbox -Identity jpeoples -ManagedFolderMailboxPolicy ShortRetentionPolicy
- We're applying the new policy to the mailbox of John Peoples, specifying his mailbox with his alias, jpeoples.
For detailed information about how to apply a managed folder mailbox policy to user mailboxes, see How to Apply a Managed Folder Mailbox Policy to User Mailboxes.
For more information about the Set-Mailbox cmdlet, see Set-Mailbox.
Step 5: Running the Managed Folder Assistant
MRM isn't implemented until the managed folder assistant runs. All of the folders, settings, and policies that you create sit idle until the managed folder assistant starts working its way through the mailboxes on the mailbox server.
Because running the managed folder assistant can be a resource-intensive process (especially the first time it runs), it's best to run it at times of low server load. (It's also a good idea to monitor its performance. For details, see Monitoring Messaging Records Management.)
Scheduling the Managed Folder Assistant
Here's the command we'll run in the Exchange Management Shell to schedule the managed folder assistant.
Set-MailboxServer -Identity MyMailboxServer -ManagedFolderAssistantSchedule "Sun.02:00-Sun.06:00"
The -Identity parameter specifies the server that you want the managed folder assistant to run on.
The -ManagedFolderAssistantSchedule parameter sets the time interval during which you want the assistant to run. Here we're setting it to run from 02:00 to 06:00 on Sunday morning.
If the managed folder assistant cannot finish processing all of the mailboxes in the time allotted, it starts processing the next mailbox in line the next time it runs.
For detailed information about scheduling and running the managed folder assistant, see How to Schedule the Managed Folder Assistant.
For more information about the Set-MailboxServer cmdlet, see Set-MailboxServer.
Starting and Stopping the Managed Folder Assistant
You don't have to schedule the managed folder assistant to make it run. You can also use the Exchange Management Shell to order the assistant to simply start or stop. (This is an example of one of the many useful things that you can do in the Exchange Management Shell that you can't do in the Exchange Management Console.)
The commands are:
Every time the Start-ManagedFolderAssistant cmdlet runs, processing of mailboxes stops and then restarts, reprocessing all of the mailboxes on the server from the beginning.
Turning off MRM
You can temporarily turn off MRM at the mailbox level (such as when users are on vacation) or at the server level. You can also permanently turn off MRM for an entire organization.
For more information, see Turning Off Messaging Records Management and How to Permanently Turn Off Messaging Records Management for an Organization.
MRM from the User's Perspective
When the managed folder assistant runs in the preceding example, it adds the new Retain One Month managed folder to user John Peoples' mailbox. The next time John opens Microsoft Outlook or Outlook Web Access, not one but two new folders appear in his mail tree:
Retain One Month, the new managed folder that we just created
Managed Folders, the MRM root folder that contains all of the managed custom folders in the user's mailbox
Both folders have a double checkmark when viewed in Outlook 2007, marking them as managed folders, which cannot be moved, deleted, or renamed. John can see the comment that we added to the folder in Step 1, telling him that items in the folder are deleted after one month.
Mailbox with a managed custom folder in the MRM root folder
John has already created a rule in Microsoft Outlook that automatically moves all of the routine announcement messages that he receives to a folder named Announcements. In the past, he had to manually delete the messages that accumulated there. Now, by dragging the Announcements folder into the Retain One Month folder, the announcements are deleted automatically after one month.
Mailbox after the user drags a folder into the new managed folder
In an actual MRM implementation, John would probably have more folders to choose from, including managed folders with longer retention times and managed folders that automatically journal the folder contents.
Web Site for Folder Self-Administration by Users
John's organization could also create a Web site where John could add additional managed folders to his mailbox. This self-management option can increase user control and satisfaction while reducing administrator workload. For more information about adding a Web site for user administration of managed folders, see Managed Folder Selector Sample.
Where Can I Find Out More?
There's lots of information about MRM in Exchange Help:
For an overview of MRM, see Understanding Messaging Records Management.
For a detailed walkthrough of how to set up MRM, see Managing Messaging Records Management.
For a guide to MRM terminology, see Messaging Records Management Terminology.
The following Exchange Server Team Blog articles are a good introduction to MRM and how it works: