Introduction:
Inactive mailboxes have always been a challenge when managing data lifecycle in Microsoft 365. They’re created automatically when a user account is removed while a retention policy, retention label, litigation hold, or eDiscovery hold is still active. Their purpose is simple: ensure data remains preserved for compliance, even after the user has left the organisation.
Historically, removing holds from inactive mailboxes required multiple steps and careful analysis to avoid compliance risks. With Microsoft’s introduction of ExcludeFromAllHolds, long-awaited by many, the process is now greatly simplified without reducing legal defensibility.
This blog breaks down what the feature does, how it supports Purview Data Lifecycle Management, and how you can use it step‑by‑step in PowerShell.
Why This Feature Matters
Organisations often retain thousands of inactive mailboxes due to overlapping retention policies, user‑level holds, label holds, and temporary holds. These mailboxes consume storage, complicate lifecycle governance, and create risk when data is retained longer than needed. ExcludeFromAllHolds provides a unified way to remove all non‑legal retention holds from an inactive mailbox, allowing it to safely move into its deletion lifecycle.
This aligns with:
- GDPR/AVG data minimisation
- ISO/IEC 27001 evidence retention
- Purview Data Lifecycle Management
- eDiscovery defensibility
The cmdlet respects legal obligations, preserving all litigation and eDiscovery holds, ensuring regulated data stays protected.
What Holds Does ExcludeFromAllHolds Remove?
Microsoft designed ExcludeFromAllHolds to remove operational retention holds while preserving required legal and regulatory holds.
✅Holds That Are Removed
| Hold Type | Description | Scope |
|---|---|---|
| Organisation-level retention policies | Org‑wide retention policies are applied broadly across the tenant | Global |
| User‑level retention policies | Retention policies targeted at individual users or mailboxes | Individual |
| Compliance Tag Holds | Holds created by retention labels (ComplianceTagHoldApplied) when no restrictive policy exists | Content-specific |
| Delay Holds | Temporary holds are applied during policy transitions | Temporary |
| Delay Release Holds | Holds preventing immediate deletion during retention policy changes | Temporary |
❌Holds That are NOT Removed
| Hold Type | Reason for Preservation | Impact |
|---|---|---|
| InPlaceHolds (ComplianceSearch / eDiscovery) | Required for legal compliance | Retained for compliance |
| eDiscovery Holds | Required to preserve evidence for legal cases | Cannot be removed |
| Litigation Hold | Mandatory during legal investigation or litigation | Always preserved |
| Restrictive Retention Policies | Regulatory or mandatory retention requirements | Remains enforced |
| Policy configurations | ExcludeFromAllHolds does not modify the policies themselves | No policy modification |
ExcludeFromAllHolds creates a mailbox‑level exemption. It does not delete or modify any retention policies.
How This Supports Purview Data Lifecycle Management and Compliance
Works with static and adaptive scopes
The feature supports both retention models, making it flexible for organisations using Purview Adaptive Scopes. You can also use Adaptive Scopes for inactive mailboxes, but this feature still gives you a lot of flexibility.
Supports defensible deletion
Once holds are removed, the mailbox becomes soft‑deleted and will be permanently deleted after 30 days.
Reduces compliance overhead
Organisations can clean up large numbers of inactive mailboxes more efficiently using bulk operations.
Ensures legal preservation
All litigation and eDiscovery holds remain intact, ensuring defensibility in audits or court.
Examples
Remove holds from a single inactive mailbox
Validate mailbox is inactive (and inspect current holds):
# Connect to EXO
Connect-ExchangeOnline
# Check that the mailbox is truly inactive and see which holds are visible
Get-Mailbox -InactiveMailboxOnly -Identity "john.doe@securityprime.nl" | Select-Object DisplayName,PrimarySmtpAddress,IsInactiveMailbox,InPlaceHolds,ComplianceTagHoldApplied,LitigationHoldEnabledRemove non‑legal holds (preserves eDiscovery & litigation):
Set-Mailbox -Identity "john.doe@securityprime.nl" -ExcludeFromAllHolds(After exclusion, the mailbox will enter the soft‑delete lifecycle and be permanently removed after ~30 days unless legal holds still apply.)
Verify post‑state / deletion path:
# Verify again (some properties update asynchronously via Managed Folder Assistant)
Get-Mailbox -InactiveMailboxOnly -Identity "john.doe@securityprime.nl" | Select-Object DisplayName,InPlaceHolds,ComplianceTagHoldApplied,LitigationHoldEnabled
# When the mailbox transitions into the soft-delete path, you can also query:
Get-Mailbox -SoftDeletedMailbox -Identity "john.doe@securityprime.nl" | Select-Object DisplayName,PrimarySmtpAddress,WhenSoftDeleted
Bulk processing: all inactive mailboxes
Below is a safe pattern that:
- Finds all inactive mailboxes.
- Shows current hold count.
- Applies
ExcludeFromAllHolds. - Retrieves the mailbox again and shows the updated hold count.
#Loop through every inactive mailbox, remove holds, and show before/after counts to track progress.
$inactive = Get-Mailbox -InactiveMailboxOnly
foreach ($mbx in $inactive) {
Write-Host "Processing: $($mbx.DisplayName)"
Write-Host "Current holds: $($mbx.InPlaceHolds.Count)"
Set-Mailbox -Identity $mbx.Guid -ExcludeFromAllHolds
$updated = Get-Mailbox -InactiveMailboxOnly -Identity $mbx.Guid
Write-Host "Remaining holds: $($updated.InPlaceHolds.Count)"
}Notes
- Using
Guid(ExchangeGuid) as-Identityis robust if SMTP aliases change. - Property updates may be asynchronous (Managed Folder Assistant). If the “Remaining holds” value doesn’t change immediately, recheck later.
Allow the Soft‑Delete Lifecycle
Once excluded from holds, the mailbox is soft‑deleted and permanently removed after 30 days.
Audit
To verify when and by whom ExcludeFromAllHolds was applied, you can search the Unified Audit Log for recent mailbox updates. The audit log captures Set-Mailbox operations that include the ExcludeFromAllHolds parameter, allowing you to track administrative changes for compliance and troubleshooting.
Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) -RecordType ExchangeAdmin -Operations "Set-Mailbox" -FreeText "ExcludeFromAllHolds"
Conclusion
- ExcludeFromAllHolds simplifies inactive mailbox lifecycle management and gives you the flexibility.
- Removes most retention holds but keeps legal holds fully intact.
- Directly aligns with Purview Data Lifecycle Management, GDPR, and ISO standards.
- Enables safe, defensible, automated deletion processes.
- Works with both static and adaptive retention scopes.
This feature is small but hugely impactful for organisations aiming to mature their Purview retention and compliance model.
Resources:
https://learn.microsoft.com/en-us/powershell/module/exchangepowershell/set-mailbox?view=exchange-ps#excludefromallholds
Using ExcludeFromAllHolds to Remove Holds from Inactive Mailboxes | Microsoft Community Hub
Discover more from Blogs | Saied Taki
Subscribe to get the latest posts sent to your email.