New-MailboxSearch Powershell command for Searching and extracting Mails from Exchange 2013 Journaling server.

Published on
7,636 Points
1 Endorsement
Last Modified:
New-MailboxSearch Powershell Command and step by step approach to Search and Extract Emails form Exchange 2013 Journaling server.
In today's world the Exchange mailing platform has become a business-critical enterprise application, and mails stored on a MS Exchange server can be used in many scenarios. One such scenario you might come across is to search and extract mails from the Exchange Journaling infrastructure for compliance or legal purposes, as e-mails are treated as evidence in today's world.

I have come across this kind of scenario and thought I could share some insight on how this can be achieved.

My current infrastructure has three Exchange 2013 multi-role servers and one Journaling server. We only journal mails that are sent and received externally.

I have received a request to search all mails that had been sent to a particular domain (for example, @Gmail.com) from the Exchange 2013 journaling server and extract them.

To complete the request I followed these steps.

1) Create a new mailbox search request:
new-MailboxSearch -name SearchName -SourceMailboxes Journalingmailboxname -TargetMailbox targetmailboxname -SearchQuery "From:'@Gmail.com'" 

Open in new window

2) Type in this command to make sure that search was created
Get-MailboxSearch SearchName

Open in new window

3) Kick start the search with this command and you should see the mails being extracted into the target mailbox you specified in step 1.
Start-MailboxSearch -Identity 

Open in new window

If you have to modify the search you can use the set-mailboxsearch command with a new query.

This can be used with different parameters in search query:
-SearchQuery "attachment:'.zip'  (All mails with attachment having .zip files)
-SearchQuery "attachment:'.zip' Received:>4/22/2013"  (All mails with attachment having .zip files with time range)

If you have an Exchange 2010 environment you can use the Search-Mailbox  command with a similar search query.

For any future details you can refer to these articles:

Hope this helps a bit for someone who encounters any request.

Don’t forget that you need Discovery Management rights in order to perform these commands. Otherwise the commands will fail.
1 Comment

Expert Comment

by:Senior IT System Engineer
using Exchange 2013, what's the difference between Search-Mailbox and New-MailboxSearch ?

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Join & Write a Comment

Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
Watch the video to know the process of migration of Exchange or Office 365 mailboxes in absence of MS Outlook. It is an eminent tool which can easily migrate Public, Archive user mailboxes from one another Exchange server and Office 365. Kernel Migr…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month