You use mailbox properties to set delivery restrictions, permissions, and storage limits. To change these configuration settings for mailboxes, follow the techniques discussed in this section.
You set message size restrictions for contacts in much the same way that you set size restrictions for users. Follow the steps listed in the next section.
Message size restrictions control the maximum size of messages that can be sent or received in the Exchange organization. With Exchange Online, the maximum size of messages that users can send is 35,840 KB and the maximum size of messages that users can receive is 36,864 KB by default. You can override these defaults by setting different maximum send and receive sizes, up to 153600 KB.
You set individual delivery restrictions by completing the following steps:
188. Open the Properties dialog box for the mailbox-enabled user account by double-clicking the user name in Exchange Admin Center under Recipients > Mailboxes.
189. On the Mailbox Features page, scroll down and then click View Details under Message Size Restrictions.
190. As shown in Figure 6-6, you can set the following send and receive restrictions:
FIGURE 6-6 You can apply individual delivery restrictions on a per-user basis.
191. Click OK and then click Save. The restrictions that you set override the global default settings.
You set message send and receive restrictions for contacts in the same way that you set these restrictions for users. Follow the steps listed in the next section.
By default, user mailboxes are configured to accept messages from anyone. To override this behavior, you can do the following:
You set message send and receive restrictions by completing the following steps:
192. Open the Properties dialog box for the mailbox-enabled user account by double-clicking the user name in Exchange Admin Center under Recipients > Mailboxes.
193. On the Mailbox Features page, scroll down and then click View Details under Message Delivery Restrictions. As shown in Figure 6-7, you can then set message acceptance restrictions.
FIGURE 6-7 You can apply send and receive restrictions on messages on a per-user basis.
194. To accept messages from all email addresses except those on the reject list, under Accept Messages From, select All Senders.
195. To specify that only messages from the listed users, contacts, or groups be accepted, select the Only Senders In The Following List option and then add acceptable recipients by following these steps:
Click Add (
)to display the Select Members dialog box.
Select a recipient, and then click OK. Repeat as necessary.
TIP You can select multiple recipients at the same time. To select multiple recipients individually, hold down the Ctrl key and then click each recipient that you want to select. To select a sequence of recipients, select the first recipient, hold down the Shift key, and then click the last recipient.
196. If you want to ensure that messages are accepted only from authenticated users, select the Require That All Senders Are Authenticated check box.
197. To specify that no recipients should be rejected, under Reject Messages From, select No Senders.
198. To reject messages from specific recipients, under Reject Messages From, select Senders In The Following List and then add unacceptable recipients by following these steps:
Click Add () to display the Select Members dialog box.
Select a recipient, and then click OK. Repeat as necessary
199. Click OK.
Occasionally, users need to access someone else’s mailbox, and in certain situations, you should allow this. For example, if John is Susan’s manager and Susan is going on vacation, John might need access to her mailbox while she’s away. Another situation in which someone might need access to another mailbox is when you’ve set up special-purpose mailboxes, such as a mailbox for Webmaster@domain.com or a mailbox for Info@domain.com.
You can grant permissions for a mailbox in three ways:
), and then use the Select Full Access dialog box to choose the recipients who should have access to the mailbox. To revoke the authority to access the mailbox, select an existing user name in the Display Name list box and then click Remove.
), and then use the Select Send As dialog box to choose the recipients who should have this permission. To revoke this permission, select an existing user name in the Display Name list box and then click Remove.
), and then use the Select Send On Behalf Of dialog box to choose the recipients who should have this permission. To revoke this permission, select an existing user name in the Display Name list box and then click Remove.
In a remote session with Exchange Online, you can use the Add-MailboxPermission and Remove-MailboxPermission cmdlets to manage full access permissions. Samples 6-1 and 6-2 show examples of using these cmdlets. In these examples, the AccessRights parameter is set to FullAccess to indicate full access permissions on the mailbox.
SAMPLE 6-1 Adding full access permissions
Syntax
Add-MailboxPermission –Identity UserBeingGrantedPermission
–User UserWhoseMailboxIsBeingConfigured –AccessRights 'FullAccess'
Usage
Add-MailboxPermission –Identity
'CN=Mike Lam,OU=Engineering,DC=pocket-consultant,DC=com'
–User 'IMAGINEDLANDS\boba' –AccessRights 'FullAccess'
SAMPLE 6-2 Removing full access permissions
Syntax
Remove-MailboxPermission –Identity 'UserBeingGrantedPermission'
–User 'UserWhoseMailboxIsBeingConfigured' –AccessRights 'FullAccess'
–InheritanceType 'All'
Usage
Remove-MailboxPermission –Identity 'CN=Jerry Orman,
OU=Engineering,DC=pocket-consultant,DC=com'
–User 'IMAGINEDLANDS\boba' –AccessRights 'FullAccess' –InheritanceType 'All'
In a remote session with Exchange Online, you can use the Add-ADPermission and Remove-ADPermission cmdlets to manage Send As permissions. Samples 6-3 and 6-4 show examples using these cmdlets. In these examples, the -ExtendedRights parameter is set to Send-As to indicate you are setting Send As permissions on the mailbox.
SAMPLE 6-3 Adding send as permissions
Syntax
Add-ADPermission –Identity UserBeingGrantedPermission
–User UserWhoseMailboxIsBeingConfigured –ExtendedRights 'Send-As'
Usage
Add-ADPermission –Identity 'CN=Jerry
Orman,OU=Engineering,DC=cpandl,DC=com'
–User 'IMAGINEDLANDS\boba' –ExtendedRights 'Send-As'
SAMPLE 6-4 Removing send as permissions
Syntax
Remove-ADPermission –Identity UserBeingRevokedPermission
–User UserWhoseMailboxIsBeingConfigured –ExtendedRights 'Send-As'
–InheritanceType 'All' –ChildObjectTypes $null
–InheritedObjectType $null -Properties $null
Usage
Remove-ADPermission –Identity 'CN=Jerry
Orman,OU=Engineering, DC=pocket-consultant,DC=com'
–User 'IMAGINEDLANDS\boba' –ExtendedRights 'Send-As'
–InheritanceType 'All' –ChildObjectTypes $null –InheritedObjectTypes $null
-Properties $null
NOTE Another way to grant access permissions to mailboxes is to do so through Outlook. Using Outlook, you have more granular control over permissions. You can allow a user to log on as the mailbox owner, delegate mailbox access, and grant various levels of access. For more information on this issue, see the “Accessing Multiple Exchange Mailboxes” and “Granting Permission to Access Folders Without Delegating Access” sections in Chapter 9 "Working with Exchange Clients. "
Except when rights management prevents it, any messages sent to a user’s mailbox can be forwarded to another recipient. This recipient can be another user or a mail-enabled contact. To configure mail forwarding, follow these steps:
200. Open the Properties dialog box for the mailbox-enabled user account by double-clicking the user name in Exchange Admin Center.
201. On the Mailbox Features page, scroll down and then click View Details under Mail Flow.
202. To remove forwarding, clear the Enable Forwarding check box.
203. To add forwarding, select the Enable Forwarding check box and then click Browse. Use the Select Mailbox User And Mailbox dialog box to choose the alternate recipient.
204. If you enabled forward, you can optionally specify that copies of forwarded messages should be retained in the original mailbox by selecting the Deliver Message To Both Forwarding Address And Mailbox checkbox.
If you use a remote session with Exchange Online to configure forwarding, you can specify that messages should be delivered to both the forwarding address and the current mailbox by setting the -DeliverToMailboxAndForward parameter to $true when using Set-Mailbox.
In a standard configuration of Exchange Online, each licensed user gets 50 GB of mailbox storage and a storage warning is issued when the mailbox reaches 42.5 GB. If a user has a licensed in-place archive, the archive can have up to 25 GB of storage; a storage warning is issued when the archive mailbox reaches 22.5 GB. Other licensing options are available that may grant additional storage rights.
You can view the current storage size for a user by completing the following steps:
205. Open the Properties dialog box for the mailbox-enabled user account by double-clicking the user name in Exchange Admin Center.
206. Select the Mailbox Usage page. You'll then see the current storage size of the mailbox.
Users who have an archive mailbox have the mailbox type User (Archive). You view individual storage for archive mailboxes by completing the following steps:
207. Select the user name in Exchange Admin Center.
208. In the Details pane, scroll down until you see the In-Place Archive heading and the related options. Click View Details.
Normally, when a user deletes a message in Outlook, the message is placed in the Deleted Items folder. The message remains in the Deleted Items folder until the user deletes it manually or allows Outlook to clear out the Deleted Items folder. With personal folders, the message is then permanently deleted and you can’t restore it. With server-based mailboxes, the message isn’t actually deleted from Exchange Online. Instead, the message is marked as hidden and kept for a specified period of time called the deleted item retention period.
NOTE The standard processes can be modified in several different ways. A user could press Shift+Delete to bypass Deleted Items. As an administrator, you can create and apply policies that prevent users from deleting items (even if they try to use Shift+Delete). You can also configure policy to retain items indefinitely.
With Exchange Online, the default retention settings are as follows:
If you want to modify these settings, you can create a retention policy that specifies the delete and move-to-archive rules that are used. In Exchange Admin Center, you create and manage retention policies using the options found under Compliance Management > Retention Policies. After you create a retention policy, you can apply it by completing these steps:
209. Open the Properties dialog box for the mailbox-enabled user account by double-clicking the user name in Exchange Admin Center.
210. On the Mailbox Features page, use the Retention Policy list to specify the retention policy that should be applied to the selected user.
211. Click Save.
REAL WORLD Deleted item retention is convenient because it allows the administrator the chance to salvage accidentally deleted email without restoring a user’s mailbox from backup. I strongly recommend that you create retention policies and apply them accordingly.