How to clear Exchange mail queues using PowerShell for a specific user

powershell exchange

Recently, my organization were victim of a spam attack. Sadly, some users provided their email and password. The attacker set up a long queue of emails to be sent (from the victims account).

We had to delete all the message manually (from the queue viewer). It was very painful (more than 100 thousands emails...).

Is it possible to clear the email queue of a specific user with the PowerShell ? (using the Active Directory module)

Found this old post, but it look outdated and it delete all the queue...


Solution 1:

You just have to add a Where-Object (abbreviated to ?) after Get-Message to select the messages you want to remove.

Get-ExchangeServer |
    ?{$_.IsHubTransportServer -eq $true} |
    Get-Queue |
    get-message |
    ? {$_.sender -eq '[email protected]'} |
    Remove-Message -withNDR $false

Related

Map Network Drive to a WebDAV Server via PowerShell
GPMC missing Hide/Show links
Service Pack 1 for Microsoft Office 2013 install fails
How can I redirect HTTP IIS7 response "403 forbidden" to HTTPS?
Why can't we directly change a group from global scope to domain local or vice versa?
Properly documenting installations of seldom used new technologies
What is the significance of _domainkey.foo.com prefixes? (pic, mailo, k1, etc)
rsyslog does not discard messages
How to use iptables or tc to limit packets per client.
Do Linux servers using AD/Kerberos for authentication/authorization need computer accounts?
Is it possible to check the progress of of a currently running clamAV scan?
EC2 - How to route outbound traffic through a single public IP