Deleting an Unwanted email and finding information afterwards.
We had a user compromised and the Account got set up to Spam a whole bunch of places. I did a search of the email server with.....Get-mailbox | search-mailbox -searchquery "name of subject" -Logonly -Targetmailbox domain\username -Targetfolder Inbox.
The screen scrolls by with the number of emails containing the "name of subject" in users accounts that had it. Then it sends an email with the Total amount to the Targetmailbox.......this showed up around 40K emails
I then Deleted those emails with:
Get-mailbox | search-mailbox -searchquery "name of subject" -DeleteContent
I typed A for all.
Been doing this for years actually. However today I would like to know "just who had them". Can I find this out after the fact? The screen scrolls by so quickly......