Announcement

Collapse
No announcement yet.

Disabling the ability of user to purge emails

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Disabling the ability of user to purge emails

    I've searched but possibly used the wrong terms.

    We have a Exchange 2000/Outlook 2000 setup here and some users have figured out how to Purge their deleted items from the recovery bin (I'm talking about AFTER the deleted items bin).

    We want them to able to recover deleted items but not purge them so that they can't be recovered. We have a 3 month retention schedule.

    Can this be done? We don't have message archiving enabled. I'm not interest in Brick Level Backups.

    Thanks,
    Rob

  • #2
    Re: Disabling the ability of user to purge emails

    Welcome to Petri, Rob

    We have an active Exchange forum slightly further down the page, and I've requested this thread be moved there for a MUCH better response.

    IIRC there is a setting at store level (certainly in Exchange 2003) to prevent permanent deletion until items have been backed up. AFAIK this beats anything the users may be able to do locally.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Disabling the ability of user to purge emails

      You cannot stop the users from deleting their own content - that includes purging content from Deleted Items. The Microsoft model is that the owner of the content can do what they like with the data.

      If you need to keep a copy of items then you need to store a copy of the content elsewhere, where the users cannot access it or remove content.

      Relying on the Recover Deleted item functionality is like relying on the waste paper basket in your office. You can keep your office locked all the time, but the one time you leave it unlocked the cleaner will come along and empty it.

      Simon.
      --
      Simon Butler
      Exchange MVP

      Blog: http://blog.sembee.co.uk/
      More Exchange Content: http://exchange.sembee.info/
      Exchange Resources List: http://exbpa.com/
      In the UK? Hire me: http://www.sembee.co.uk/

      Sembee is a registered trademark, used here with permission.

      Comment


      • #4
        Re: Disabling the ability of user to purge emails

        Originally posted by Sembee View Post
        The Microsoft model is that the owner of the content can do what they like with the data.
        I was afraid of that answer. It makes no sense to me. As a company, we own the email not the user.

        I've decided to move to a Scalix Mail server. I'm minimizing our involvement with Microsoft and since our exchange is past end-of-life, it's a good time to change.

        Thanks for the replies.

        Comment


        • #5
          Re: Disabling the ability of user to purge emails

          I haven't seen a corporate email system that works in another way. All of them, including Lotus Notes use the same model. That is why archiving software is so big.

          From a regulatory point of view if you need the email to be stored it must be stored outside of the mailbox as the user can change the content using most clients, making the email useless from a legal point of view.

          Simon.
          --
          Simon Butler
          Exchange MVP

          Blog: http://blog.sembee.co.uk/
          More Exchange Content: http://exchange.sembee.info/
          Exchange Resources List: http://exbpa.com/
          In the UK? Hire me: http://www.sembee.co.uk/

          Sembee is a registered trademark, used here with permission.

          Comment


          • #6
            Re: Disabling the ability of user to purge emails

            Speaking as a Canadian... Even the archive copy is not enough... You have to have the actual tape backup. Which is odd if you're using a NAS/SAN backup. I don't think the laws have quite caught up with the technology.

            Scalix, by default, hides the user recovery bin and the admin and "turn it on" for a user to recover an item. Since it's there and functioning all the time, it works for me to grant access on a request basis.

            Comment

            Working...
            X