Introduction: Across your organization, you probably have different types of content that require different actions taken on them to comply with industry regulations and internal policies. Labels in Office 365 can help you take the right actions on the right content. With labels, you can classify data across your organization for governance, and enforce retention rules based on that classification. With labels, you can: Enable people in your organization to apply a label manuallyto content in Outlook, OneDrive, SharePoint, and Office 365 groups. Users often know what type of content they’re working with, so they can classify it and have the proper policy applied. Apply labels to content automatically if it matches specific conditions, such as when the content contains: Specific types of sensitive information. This is available for content in SharePoint and OneDrive. Specific keywords that match a query you create. This is available for content in Exchange, SharePoint, OneDrive, and Office 365 groups. The ability to apply labels to content automatically is important because: You don’t need to train your users on all your classifications. You don’t need to rely on users to classify all content correctly. Users no longer need to know about data governance policies – they can instead focus on their work. Note that auto-apply labels require an Office 365 Enterprise E5 subscription. You create and manage labels on the Labels page in the Office 365 Security & Compliance Center. Create a Label. Sign in to Office 365. In Office 365 Admin Center, go to Admin Centers > Security & Compliance. In Security & Compliance, go to Classifications > Labels. Click on Create a label. Provide a name for Label and description. In Label settings, there is Retention option apart from Retention policy. You can turn this on if you want to apply retention settings to that label and if not, you can simply click on Next. If you turn this On, a various parameter will be shown (as shown in below image). Retain the content – Select the retention period that for how the data will be preserved. What do you want to do after this time – Here we need to select the action which will be taken after the retention age has reached. Label classification – If this is selected, users won’t be able to edit or delete the content or change or remove the label. After providing Label settings, click Next. Review your settings and click on Create this label. Publish labels in Office 365. The primary purpose of the label policy is to group a set of labels and specify the locations where you want those labels to appear. Sign in to Office 365. In O365 Admin Center, go to Admin Centers > Security & Compliance > Classification > Label Policies. Click Publish labels and choose the labels you want to publish for this label policy. A single label can be published in many policies. After adding label, you need to choose the location where you want to publish these labels. Name your policy. Review your settings. Click on Publish labels, it will take up to 1 day to publish these labels in the location you chose, so after clicking on Publish labels you will see the below screen. As it takes normally 1 day to publish the status will be in Pending till then. Applying Labels to the documents in SharePoint and OneDrive. From Office 365 Home tab, click the SharePoint tile. On the new SharePoint tab in your browser, click a site that needs an O365 label assigned. You can assign label to the whole document library at once or you can select the document for which you want to assign label. Applying label to individual document, select the document and apply label. Applying label to a document library, select that Document library > Library settings > Apply label to items in this list or library. Click on Apply label to items in this list or library and select the label you want to apply. Similarly, you can also apply labels to OneDrive document. Conclusion: This is how we can create Label and Label policy, then publish it so that users can classify data across organization for governance and enforce retention rule based on the classification.

Introduction: Messaging records management (MRM) helps organizations to manage email lifecycle and reduce legal risks associated with e-mail and other communications. MRM in exchange online is accomplished by using retention tags and policies. Retention Tags: Retention tags are used to apply retention settings to folders and individual items such as e-mail messages and voice mail. This specify how long a message remains in a mailbox and the action to be taken when the message reaches the specified retention age. When a message reaches its retention age, it’s moved to the user’s In-Place Archive or deleted. Types of Retention tags: Retention tags are classified into the following three types based on who can apply them and where in a mailbox they can be applied. Default policy tags – Applied automatically to entire mailbox. Retention policy tag – Applies automatically to a default folder. Personal tag – Manually to items and folders. Personal tags are available to Outlook web app users as a part of their retention policy. Creating retention tags: In EAC, go to Compliance center > Retention tags, and then click +. Retention tags are classified into three types, select one of the option. The New retention tag page title and options will vary depending on the type of tag you selected. Enter a name for tag, chose retention actions and period, click Save. Retention Actions: Delete and allow recovery – Allow the user to recover deleted items until the deleted items retention period for the mailbox has not reached. Move to archive – Move the message to user’s archive folder, this is applicable only for tags that are automatically applied to the entire mailbox (default) and applied by users to items & folders (Personal). Permanently delete – Purges the item from the mailbox database. Retention Policies: To apply one or more retention tags to a mailbox, you must add them to a retention policy and then apply the policy to mailboxes. A mailbox can’t have more than one retention policy. Retention tags can be linked to or unlinked from a retention policy at any time, and the changes automatically take effect for all mailboxes that have the policy applied. Creating a Retention Policy: In EAC, go to Compliance center > Retention policies, and then click +. In New Retention Policy, provide a name for the policy and click + to add retention tags. After click +, list of all the retention tags will shown and you can select from that. After linking retention tags to policy, click Save. A retention policy can contain the following tags: One DPT with the Move to Archive action One DPT with the Delete and Allow Recovery or Permanently Delete actions One DPT for voice mail messages with the Delete and Allow Recovery or Permanently Delete actions One RPT per default folder such as Inbox to delete items Any number of personal tags Default Retention Policy: Exchange Setup creates the retention policy Default MRM Policy. The Default MRM Policy is applied automatically to new mailboxes in Exchange Online. You can modify tags included in the Default MRM Policy. Place a mailbox on Retention Hold: Placing a mailbox on retention hold suspends the processing of a retention policy. Retention hold is designed for situations such as a user being on vacation or away temporarily. To set a mailbox on Retention Hold, you need to use Powershell. For placing a mailbox on Retention Hold: Command – Set-Mailbox “Uday Mane” -RetentionHoldEnabled $true To check whether the Retention Hold in enabled on a Mailbox: Command – Get-Mailbox “Uday Mane” | Select RetentionHoldEnabled To remove retention, hold from a mailbox: Command – Set-Mailbox “Uday Mane” -RetentionHoldEnabled $false Conclusion: So, this is how we can use MRM to manage email lifecycle and reduce legal risks associated with email and other communications.  

Introduction: Sharing policies enable users to share calendar information with different types of external users. Sharing polices are assigned to mailboxes and allow users to share their free/busy information with recipients in external Office 365 organizations. Creating a sharing policy in Exchange Online. Allow users to share calendar information and contacts with external organizations. Navigate to EAC Organization > Sharing. Under Individual Sharing, click+. In new sharing policy, type a name for the sharing policy in the Policy name. Click + to define the sharing rules for the policy. In sharing rule, select one of the following options to specify the domains you want to share with (as shown below): Sharing with all domains Sharing with a specific domain If you select Sharing with a specific domain, type the name of the domain. To specify the information which can be shared, select Share your calendar folder check box, and then select one of the following: Calendar free/busy information with time only Calendar free/busy information with time, subject, and location All calendar appointment information, including time, subject, location and title Click save to set the rules. If you want to set this sharing policy as the default sharing policy in your organization, select the Make this policy my default sharing policy check box. Click save to create the sharing policy. After creating the policy, User can share their calendar from Outlook. The person to whom you have allowed to share calendar will receive an email (as shown below). By clicking on Add this calendar, the calendar of yours will be shared with that person. Create an organizational relationship. Set up an organization relationship to share calendar information with an external business partner Navigate to Organization > Sharing in Exchange Admin Center. Under Organization sharing, click +. In new organization relationship, in the Relationship name  box, type a name for the organization relationship. In the Domains to share withbox, type the domain for the external Office 365 organization. In Enable calendar free/busy information sharingcheck box to turn on calendar sharing with the domains you listed. To set the free/busy access level, select one of the following: Calendar free/busy information with time only. Calendar free/busy with time, subject, and location. To set which users will share calendar free/busy information, select one of the following: Everyone in your organization. A specified security group – You can browse and select the group for whom you want to enable the sharing. Click save to create the organization relationship. For users to share calendar: Go to Outlook > Calendar. Click Share. Send a sharing invitation in email. Conclusion: So, in this way we can share the calendars between organizations and external users.

Introduction: Spam is an irrelevant or unsolicited messages sent over the Internet, basic spam filter settings in Exchange Online include selecting the action to take on messages identified as spam. Spam-filter policy settings are applied to inbound messages only. You can edit the default spam filter policy to configure your company-wide spam filter settings and create custom spam filter policies and apply them to domains in your organization. Administrator needs to have Organization Management and Hygiene Management role group assigned to them. In EAC, go to Protection > Spam filter. You can either edit the default settings or create a custom spam filter by click on +. On Spam and Bulk action page, under Spam and High confidence spam, select the action to take for incoming spam email. By default, move messages to Junk Email folder is selected. In this case, we are selecting Quarantine Message. Quarantine Message – Sends the message to quarantine instead of to the intended recipients. When you select quarantine message, In Retain spam for (days) specify the number of days during which the spam message will be quarantined. On the Block & Allow list page, you can specify entries, such as senders or domains. Message will always be marked as spam if it is in block list and message will always be delivered if sender is in allow list. On the International Spam page, you can filter email messages written in specific languages, or sent from specific countries or regions. You can configure up to 86 different languages and 250 different regions. On the Advanced Optionspage, you can choose On, Off, or Test for each advanced spam filtering option. If you select Test, no action is taken on messages that meet the spam filter criteria however, messages can be tagged with an X-header before they are delivered to the recipient. If you select Test for any of the advanced options, you can configure the following test mode settings when a match is made to a test-enabled option: None – Take no test mode action on the message. This is the default. Add the default test X-header text– Checking this option sends the message to the recipients but adds a X-header to the message that identifies it as having matched a specific advanced spam filtering option. Send a Bcc message to this address– Checking this option sends a Bcc of the message to the email address you provide. Quarantine – If you have selected to move the spam messages in quarantine then you review spam items in quarantine, messages can be released from there either to selected users or all the users. If an item was incorrectly reported as spam, you can also report it as a false positive. If reported as a false positive and it’s a spam-quarantined message, it will also be reported to the Microsoft Spam Analysis Team, who will evaluate and analyse the message. In the below screen, you can see test spam mails and the message status in the right pane. You can review & release the message as an administrator from EAC by selecting the message and clicking on the Release Message icon. If there are more than 500 messages, then you can have an advanced search to find the message. You can use several parameters to find the message, for targeted search for a specific message you can select Message ID. Message ID – If you discover that the message was sent to the quarantine you can then easily find this message in the quarantine by specifying its Message ID. For example, if a specific message is sent by, or intended for, a user in your organization, but it never reaches its destination, you can search for the message using the message trace feature. If you discover that the message was sent to the quarantine you can then easily find this message in the quarantine by specifying its Message ID. Message trace: As an administrator, you can find out what happened to an email message by running a message trace in the Exchange admin center (EAC). Enter the Data range or select custom to specify the search dates, and then click Search. From the Message trace results, select the message and click Edit. You will able to see the details of the message, status, message ID. Hence, you can get the message ID from message trace feature in Exchange Online and can do an advanced search in Quarantine. You can also analyse the message header from Microsoft remote connectivity analyser URL: https://testconnectivity.microsoft.com/?tabid=mha. Message Header – Message headers provide a list of details about the message, such as who sent it, the software used to compose it, and the email servers that it passed through on its way to the recipient. You can find message header in quarantine message, click on the message for which you want the message header. Copy the message header and paste it under message header analyser in Microsoft remote connectivity analyser. For end users to access spam-quarantined message and release message. Go to following URL: https://admin.protection.outlook.com/quarantine, provide Office 365 credentials and sign in. After you’ve signed in and been authenticated, you’ll be directed to the end user spam quarantine. User can view the details of the message and release messages from user quarantine. Configure end-user spam notification. Administrator can also configure spam notification for end-users. So that users get the notifications of spam quarantined message. Go to EAC > Protection > Spam Filter. Select the Spam filter policy for which you want to configure end-user spam notification. On configuration page, select the days in the range of 1-15 and tick on Enable end-user spam notifications. User will get a mail notification for the same. Conclusion: By this way, you can apply a default spam filter policy or create a custom policy for your organization which will help to protect organization from spam mails.

Introduction: Sometimes users accidentally can remove their emails from inbox and deleted items folder. You can find the deleted mail in Recover deleted items. There also might be a situation when a user cannot find a deleted email in their Office 365 mailbox, a user will probably ask you to recover missing mails. You can recover it directly through Exchange Online using the In-Place eDiscovery & hold options (You must be a Global Administrator in Office 365). Steps: To recover deleted emails, follow the steps below: 1. Login to your Office 365 account and go to the Admin app. 2. On Left pane, extend Admin centers and click Exchange (Exchange Admin Center). 3. Go to Permissions > Admin Roles. From list of roles select Discovery Management and click on Edit icon. 4. On resulting window, go to members section and click + to add a member. Search for your name and click add and Ok. Save it. 5. Sign out and Sign In again, so that changes take effect. 6. Once permission is assigned to you, go to the Compliance Management section and then In-Place eDiscovery & hold. Click + icon 7. Provide a name for your search and, optionally, a description. Click Next. 8. You can choose a mailbox you want to search. Select the Specify mailboxes to search option, and then click on the + icon to add a mailbox. Click Next. 9. The next step is to specify criteria for a search query. Click the Filter based on criteria option, and adjust search options to your needs. When you need to provide more than one keyword in a search query, you need to separate them with OR or AND, not commas. 10. In the same window, click on the Select message types and select Email. Click OK. You can similarly search for contacts, meetings, etc. 11. Once you adjusted search query to your needs, click Next. 12. In the In-Place eDiscovery and hold page click Next without choosing any options as we don’t want to place any content on hold. 13. Now, your settings will be saved. Once the process is completed, click Close. 14. Select the search you created and click Refresh to update the information displayed in the details pane. The status of Estimate Succeeded indicates that the search has finished. 15. In details pane, click Preview search results to view the items. This helps you identify the items you are looking for. 16. If you can’t find an item by previewing search results, then you can copy the search results to a special mailbox (called a discovery mailbox) and then open that mailbox in Outlook on the web to view the items. On the copy search results page, click Browse. Under the display name, click Discovery Search Mailbox, and then click OK and Copy (shown in above image). When the copying is complete, click Open to open the Discovery Search Mailbox to view the search results (shown in below image). The search results copied to the Discovery Search Mailbox are placed in a folder that has the same name as the In-Place eDiscovery search. 17. After you find the item you’re trying to recover for a user, the next step is to export the results from the search you ran to Export  to PST. The user will use this PST file in the next step to restore the deleted item to their mailbox. Click below arrow mark as shown in below image. 18. Click on Run to install eDiscovery tool. 19. Click on Browse button to add location and leave the enable deduplication & include unsearchable items option. 20. After providing PST location click Start, it will ask for Office 365 admin credentials, after providing the same download will start. 21. The last step is to just send this PST file to the user so that he can restore. User need to use the outlook desktop app to restore deleted item by using a PST file. Click to Open Outlook Data File, browse the file and click OK. The PST file appears in the left-nav bar in Outlook. Expand the same and right-click the item you want to recover and then click Move > Inbox. In the below image,  you can see recoverable items. Conclusion: You can easily recover the deleted mails of users even if it is deleted from deleted items and are not shown under recover deleted items.