Solved

Powershell Mailbox Search

Posted on 2013-05-23
4
1,439 Views
Last Modified: 2013-06-06
Experts,

I am looking for a script that can do the following:

Search All Mailboxes in our Exchange 2007 Environment for a specific attachment
Log the mailboxes that the search returned
Ensure that the file is deleted from my exchange environment

In exchange 2010 I could do the following:

Part1:
Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:trojan* -TargetMailbox Administrator -TargetFolder SearchLogs -LogOnly -LogLevel Full
Part2:
Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery attachment:trojan* -DeleteContent

However in Exchange 2007 I am not sure how to accomplish this.

Requirements:

I need this in two seperate scripts:
Script 1:
Search all mailboxes for the attachment and export results that include Mailbox Name to a log file

Script 2:
Search all Mailboxes and for the attachment and delete the message containing the attachment.
0
Comment
Question by:KLSMart
  • 2
4 Comments
 
LVL 69

Expert Comment

by:Qlemo
ID: 39190770
Get-Mailbox -ResultSize unlimited | Export-Mailbox -whatif -AttachmentFilenames trojan* -TargetMailbox Administrator -TargetFolder SearchLogs >> Trojan.log

Open in new window

and
Get-Mailbox -ResultSize unlimited | Export-Mailbox -DeleteContent -AttachmentFilenames trojan* -TargetMailbox Administrator -TargetFolder SearchLogs 

Open in new window

You will have to delete the moved emails from the admin mailbox, as only copy or move is available with MSX 2007.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39190831
FYI, If you have Exch 2007 SP 1 + then you don't have to specify the TargetMailbox parameter with DeleteContent, you can delete content from the user mailbox without exporting it to another mailbox.

Get-Mailbox -ResultSize unlimited | Export-Mailbox -DeleteContent -AttachmentFilenames "trojan*"

Open in new window

0
 

Author Comment

by:KLSMart
ID: 39190899
I ran the whatif simulator that you gave me above and changed the file name to an attachment file name that I know doesn't exist and got some interesting results.

The whatif simulator tried to export content from every users mailbox. I don't believe that the -AttachmentFilenames switch is working in that script as I know that every user does not have access to that attachment and that was confirmed when I put a bogus attachment name into the script.
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39191278
export-mailbox on MSX 2007 works different from 2010 and above. It completely exports a mailbox into a target mailbox, then deletes anything not matching. What you see with -WhatIf is (probably) everything done - I cannot check, without MSX SP the -WhatIf seems not to work (does nothing).
Thinking about it, I doubt you can do the same as in 2010, because of the different behaviour. Aside from export-mailbox, there is no means to search users mailboxes.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
how to add IIS SMTP to handle application/Scanner relays into office 365.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question