Tuesday, October 20, 2020

Office 365 Spam Remover - Now supports MFA (Updated to support Content Searches)

Problem: A spam campaign has hit your tenant and affected mailboxes and the Campaign options in O365 are either unavailable or don't satisfy the executives yelling at you while you read this.

Resolution: Adjust this script to replace CONTOSO with your domain (if not it will prompt you). This will prompt you for your Exchange Admin credentials, offer you the chance to add more exchange admin accounts to run this under, prompt for the evil sender(s), date and time the spam campaign hit, and optionally the subject line(s) of the evil email messages so you don't accidentally remove too many messages. The script uses a message trace of all email sent to your tenant by the evil senders during the time frame specified and then searches those mailboxes to find the message(s) and NOW CREATES CONTENT SEARCHE(S)! From there, it will create the Purge action necessary to delete the message in question.

Last Updated May 21, 2019 to improve several sections based on feedback and optimizing. Another version of this script has been posted that has a GUI for all of the initial input using the Windows Presentation Framework built into Windows (so no special installs needed) at https://www.hornerit.com/2019/05/o365-spam-remover-script-now-with-gui.html. As with any script you get from the internet, no warranty is expressed or implied for this script so test it and tweak to your environment. I have tried to make it use UTC and avoid hard-coding any regional settings but your mileage may vary.

Update 2019-06-17 - I have moved my scripts to a github repository so that updates are easier to make. DO NOT WORRY - I do not make my github look freaking weird with folders and cryptic things that non-developers don't understand...my scripts are right there in the main folder and you can click them to view/copy/download: https://github.com/hornerit/powershell/blob/master/O365-SPAM-REMOVER-NoGUI-Public.ps1

No comments:

Post a Comment