Overview
The Mail Purge feature allows Microsoft administrators to efficiently remove all messages from designated senders across all mailboxes within their tenant. This tool provides admins with a proactive solution for removing potentially harmful emails.
Use the links below to jump to a section:
Enabling Mail Purge
To enable the Mail Purge feature, your account must first have at least one Security Inbox configured. Once a Security Inbox is configured, follow these steps:
- Navigate to Administration > Settings > Mail Settings > Mail Purge tab.
- Click the '+ Add Mail Purge Instance' button.
- In the pop-up, select the Security Inbox and Graph App to associate the Mail Purge instance with.
- Select the Default Graph App (System Default App)
NOTE: Optionally, you can select a custom Graph App. For details on configuring the graph app for Mail Purge, please see our Custom Microsoft Entra ID App article.
- Click the 'Authorize' button.
- You'll be redirected to a Microsoft login page. You must log in using a Global Administrator account.
- Accept the required permissions.
After accepting the permissions, you'll be redirected to the Mail Settings page, and the Mail Purge instance will be created:
Using Mail Purge
To use Mail Purge, navigate to Security Inbox > Mail Purge tab. On your first load, the Mail Purge table will be empty. To purge messages from a specific sender or to check how many messages are in your entire tenant from specific senders, click on the 'Open Purge Wizard' button. You'll be presented with the pop-up below:
Two action buttons are visible, but not initially clickable. (You'll need to enter a valid email address to be able to click either button.)
- Count Emails - Clicking this button will cause the Mail Purge purge feature to create a row that will display the number of emails from the sender email address that you entered.
- Begin Purge - Clicking this button will open another pop-up that will ask you to confirm that you want all mail in every mailbox from the specific sender to be removed. Additionally, you'll be asked if you want the mail to be soft deleted (moved to the trash folder in the users' mailboxes) or hard deleted (completely removed from the users' mailboxes). If you select the hard delete option, then all mail from the specified sender will be removed across the entire organization.
- Filter by date Received - Toggling this option will allow for messages to be purged only if they were received in the inbox between the specified dates.
It is very important when you are purging mail that you are certain that you want to remove all emails from the specified sender. It's also important to understand that mail from the specified sender for every user on the entire Microsoft tenant will be deleted. Deleting mail cannot be undone.
After you begin the purge or count check, a row will appear in the Mail Purge table. Each column is described below.
- Sender Address - This is the email address for which you are counting/purging messages.
- Type (Delete or Count Messages) - Indicates if you are deleting or counting emails.
- Progress - Indicates the current status of the purge/count. It can take a while to count/purge all emails from a specific sender, depending on how many users are on your Microsoft tenant.
- Emails Removed - The number of emails that were deleted. Will be N/A for incomplete purges or for email counts.
- Date Started - The date and time the count/purge was started.
- Date Finished - The date and time the count/purge completed.
In addition to these columns, there is an 'Actions' dropdown column that allows you to perform several key tasks: purge or re-purge emails from a specified sender, recheck the number of messages associated with that sender, and download a log of all messages identified as coming from that sender.
Beyond purging emails from the Mail Purge tab, a 'Purge' button is also available on the Inbox tab. Clicking this button will take the user to the Purge tab.