之前分享过通过Ews去删除特定邮件主题的邮件方法,日常工作中会遇到只知道邮件内容中的部分关键字,需要去删除邮件。具体过程如下: 1 说明 通过EWS API去删除邮件中包含特定关键字方法,比传统的Search-Mailbox去删除特定邮件的方法更有效。EWS去查找邮箱项目一次可以返回1000个对象(可以通过策略解除限制),而Search-mailbox一次检索只能返回250个对象。并且Search-mailbox查询无法精确匹配,有时候会将筛选条件无关的内容查询出来。 EWS API可以在非Exchange上的任何服务器上执行,而Search-Mailbox命令只能在安装了Exchange Powershell工具的加域计算机上执行。如下测试为Exchange 2013环境,如果是Exchange 2016可以下载EWS manged ap1 2.2。 2 下载EWS manged API 2.0 首先通过如下地址下载Exchange EWS managed API。 下载并安装EWS Managed API: https://www.microsoft.com/en-us/download/details.aspx?id=35371 3 安装EWS manged API 安装EWS managed API过程简单,在此不多说。

4 权限分配 直接Powershell脚本去调用EWS,需要执行脚本账号具备ApplicationImpersonation角色权限,所以首先需要为当前执行账号添加ApplicationImpersonation角色权限。 在Exchange服务器上使用Exchange Powershell执行如下命令创建角色组,并为用户分配权限。 New-RoleGroup -Name "ApplicationImpersonation" -Roles "ApplicationImpersonation" -Members Username

5 脚本文件内容 脚本分为两个部分,第一部分为主要执行删除邮件功能的脚本。脚本内容如下: 可以将如下内容另存为ews_body.ps1。 ====================脚本开始===========================

param(
$Mailbox,
$userName=$cred.UserName,
$password=$cred.GetNetworkCredential().password,
[string]$body
)
# Remember to install the EWS managed API from here: 
# http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3342fb3-fbcc-4127-becf-872c746840e1 
# https://www.microsoft.com/en-us/download/details.aspx?id=35371
# Then point the following command to the location of the DLL:
#设置Exchange服务器的EWs URL.
$uri=[system.URI] "https://mail.contoso.com/ews/exchange.asmx"
$dllpath = "C:\Program Files\Microsoft\Exchange\Web Services\2.0\Microsoft.Exchange.WebServices.dll"
Import-Module $dllpath

# Set Exchange Version and connect to Exchange Server
$exchService = new-object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2013_CU21) 
$ExchangeVersion = [Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2013_CU21
$service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService($ExchangeVersion)
$service.Credentials = New-Object Microsoft.Exchange.WebServices.Data.WebCredentials -ArgumentList $userName,$password
$service.url = $uri
$service.ImpersonatedUserId = New-Object Microsoft.Exchange.WebServices.Data.ImpersonatedUserId `
([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SMTPAddress,$Mailbox);

$folders = New-Object Microsoft.Exchange.WebServices.Data.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::MsgFolderRoot, $Mailbox)
$MailboxRoot=[Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folders)
$FolderList = new-object Microsoft.Exchange.WebServices.Data.FolderView(100)
$FolderList.Traversal = [Microsoft.Exchange.WebServices.Data.FolderTraversal]::Deep
$findFolderResults = $MailboxRoot.FindFolders($FolderList)


foreach ($fdr in $findFolderResults.Folders)
{
$ItemView = New-Object Microsoft.Exchange.WebServices.Data.ItemView(10000)
$emailsInFolder = $null
do
{
$emailsInFolder = $fdr.FindItems($ItemView)
if ($emailsInFolder.Items.Count -gt 0)
{
$psPropset= new-object Microsoft.Exchange.WebServices.Data.PropertySet([Microsoft.Exchange.WebServices.Data.BasePropertySet]::FirstClassProperties) 
[Void]$service.LoadPropertiesForItems($emailsInFolder,$psPropset)
foreach ($individualEmail in $emailsInFolder.Items)
{

if ($individualEmail.body.text -match $body)
{
"$($individualEmail.From.Address),["+"$($individualEmail.ToRecipients.address)],["+"$($individualEmail.CcRecipients.address)],"+"$($individualEmail.subject)"+",$($individualEmail.DateTimeSent)"+",$($individualEmail.DateTimeReceived)"+",$($individualEmail.IsRead)" | Out-File $logfile -Append -Encoding utf8
echo "successfully found the email contains $body from $Mailbox"
$individualEmail.Delete([Microsoft.Exchange.WebServices.Data.DeleteMode]::HardDelete)
echo "successfully deleted the email contains $body from $Mailbox"
}
}
}
$ItemView.offset +=$emailsInFolder.Items.Count
}while($emailsInFolder.moreAvailable -eq $true)
} 
 

========================脚本结束======================

第二部分脚本内容为调用第一部分脚本,然后将执行删除的邮件的必要信息记录在文件中,以便查询。 脚本内容如下: ============================脚本开始=========================

$mailboxlist=Import-Csv -Path .\allMailboxList.csv
$TIME=Get-Date -Format yyyy-MM-dd-hh-mm-ss   
[string]$logfile=".\$($TIME)_delete_log.txt"
"sender,"+"Recipients,"+"CcRecipients,"+"Subject,"+"Email_DateTimeSent"+",DateTimeReceived"+",Email_IsRead" | Out-File $logfile -Append -Encoding utf8
foreach($mailboxs in $mailboxlist)
{
     $Bodylist=Import-Csv -Path .\BodyList.csv
     foreach($Body in $Bodylist)
     {
       write-host "Now finding body contain $($Body.body) from $($mailboxs.PrimarySmtpAddress)........."
       .\ews_body.ps1 -Mailbox $mailboxs.PrimarySmtpAddress -Body $Body.body -userName "admin@contoso.com" -password "P@ssw0rd"
     }

} 

=============================脚本结束========================

脚本中文件说明,如下两个文件需要放置脚本相同目录下。 allMailboxList.csv为邮箱列表,为需要操作的邮箱对象列表。 BodyList.csv 为需要匹配的邮件正文内容列表 6 测试内容准备 在测试账号邮箱中发送多封测试邮件。并且满足邮件内容包含特定内容。并且邮件中存在发件人、多个收件人和多个抄送对象。

7 脚本执行过程 直接执行脚本Action_ews_body.ps1 8 脚本执行结果 脚本执行完成后,会在脚本所在目录下生产一个log文件,该文件已当前时间为名称,记录删除邮件的情况。(发件人,收件人,抄送对象、邮件主题、邮件创建时间和邮件接收时间、以及邮件是否已读) 多个收件人和抄送对象,产生的日志文件。 9 脚本执行常见错误 在脚本执行过程中如果提示“该账号无权模拟所有请求的用户”,那么说明当前执行账号未在Exchange中分别ApplicationImpersonation角色权限。解决办法就是将当前账号添加到ApplicationImpersonation角色组中。