--> -->

How to Recover Deleted Emails in Office 365 with NAKIVO Backup & Replication

Subscribe banner

Microsoft Office 365 is a cloud-based solution that provides subscription services which are typically used for business purposes.  You are required to buy licenses for your Microsoft Office 365 subscription for the appropriate number of users to make it possible for them to access and use enterprise-grade applications and services. Email correspondence is an essential aspect of modern-day business operations, but occasionally an email message can be accidentally deleted. Another bad situation that can occur is when a user loses email credentials as a result of a cyberattack and cannot log in to their Outlook 365 account. This blog post explains how to recover deleted emails in Office 365.

Download NAKIVO Backup & Replication now and try out the Microsoft Office 365 Backup functionality for yourself.

You can also visit the NAKIVO Community Forum and discuss how to recover deleted emails in Office 365 in a fast and efficient manner.

General Recommendations to Reduce Chances of Losing Emails

You can reduce the probability of having to recover accidentally deleted emails if you take measures to prevent losing emails and email accounts. The following precautions can help you avoid losing your email data:

  • Strong password. Using a strong password can make it difficult to hack your password.
  • Respect and comply with the security policy. Don’t save passwords as plain text, and don’t write down passwords on a piece of paper that can be accessed by other people. Don’t tell passwords to people who introduce themselves as the support service.
  • Two-factor authentication. When this authentication method is used, an additional security level is provided by adding a second authentication form from a range of available authentication methods. After entering a password to log into your Office 365 account, you have to enter a verification code or use another configured verification option. Two-factor authentication makes hacking your account far more difficult.

Defining Your Office 365 Email Recovery Strategy

To be able to restore lost or deleted data in Office 365 when required, you need to regularly perform backup and keep those backups in a secure location. Hence, you should primarily check whether or not you already have an Office 365 backup in place which can be used for data recovery.

How to recover deleted emails in Office 365

Recovery without a backup

If you haven’t made a backup, available recovery methods are limited. The basic Office 365 email recovery methods which can be used in such case are explained in the section below.

Using an email client and a web interface in conjunction offers some advantages. You possess all downloaded emails in your email client until you delete them inside the client. If you have deleted the email message in the email client which is configured to use the POP3 email retrieving protocol, the message will not be deleted from the mail server immediately (if the appropriate settings are configured in the email client). As a result, your email message is preserved in the web interface of Microsoft Office Outlook 365 (even if you have deleted this email message in the email client).

However, if you have lost your Microsoft Office 365 account as a result of a malware or hacker attack, your email messages can be restored via your email client. Ask a system administrator to reset the password of your Microsoft Office 365 account, an then scan your computer and all installed storage devices for viruses and malware.

As you can see, having a copy of your email messages increases the chances of successful email recovery.

Using a web interface

Within 30 days after their deletion, emails are stored in the Deleted Items folder. Once they are deleted from the Deleted Items folder, your email messages are moved to the Recoverable Items folder. The email messages are stored in the Recoverable Items folder for 30 days and then deleted permanently and irreversibly. Thus, you still have 60 days to restore required emails since the moment of their deletion. In this blog post, you will see how to recover deleted emails in Office 365 using the web interface when there is no backup available.

If a user notices that an important email has been deleted and the recovery period of 60 days has already expired, the mere presence of a backup in place can save the user a lot of headache and ensure recovery of the accidentally deleted email.

Recovery from a backup

Having a backup in place of your email messages provides you with additional recovery options. First, let’s consider the native options that can be used to back up Office 365 emails.

Use the Archive folder

If the IMAP protocol is used to retrieve and synchronize email messages in the email client and on a mail server, configure the archiving settings to archive email messages to the Archive folder. When you configure email archiving, the Archive folder can be considered as a backup by using built-in features of Microsoft Office 365.

Configure email forwarding

Email forwarding can be enabled in the web interface of Microsoft Office 365 and by configuring the rules in Outlook desktop client. Select the address you want your email messages to be sent to and configure it to keep copies of the forwarded messages on your first email account (it will prevent a message from deleting from the first email account after forwarding). For example, we have two email accounts:

1) michaelbose@email01.onmicrosoft.com

2) michaelbose@nakivo.onmicrosoft.com

We can set all incoming email messages of the michaelbose@email01.onmicrosoft.com to be forwarded to michaelbose@nakivo.onmicrosoft.com automatically to increase the probability of recovering Office 365 deleted emails. If an email message is accidentally deleted from the first account, it is still possible to find a copy of the message in the second account.

Export emails from Outlook

Outlook desktop client provides options to export/import email messages to/from a PST file. This feature can be used to transfer emails from one computer to another and backup or recover email messages. When you export your emails, they are not deleted from the email client. However, a copy of your email messages is exported to the PST file. Keep the PST file in a safe place and use it to recover emails when needed. You can set up the AutoArchive feature in Outlook desktop client to export emails automatically within the defined time period (1 day, 2 days, 7 days etc.).

Using eDiscovery

eDiscovery is a tool that is available only for Microsoft Office 365 subscribers who have Office 365 Enterprise E3 and E5 plans. This tool can be used by system administrators who manage email accounts for a domain of the company in Office 365 Admin Center, but not by end users of Office 365 email accounts. Electronic discovery can be utilized to identify and deliver information to be used as evidence for investigations and legal cases. Another popular use case of eDiscovery is to search, collect and export data from Office 365 for corporate users and organizations. The export feature can be used to export emails of a user to a PST file. Emails are not recovered to the original location automatically. A user has to import the PST file manually and manage the recovered email messages as needed.

Using NAKIVO Backup & Replication

NAKIVO Backup & Replication is a universal data protection solution that can back up virtual, physical, and cloud environments. This is all-in-one solution that can be used to back up and recover Office 365 email accounts. You can download NAKIVO Backup & Replication 9.2 with Microsoft Office 365 support from the official website. The backup process can be automated, making Office 365 email backup fast and easy.

Now that you are familiar with the diverse methods of how to recover deleted emails in Office 365, let’s find out how to recover deleted emails on practice.

How to Recover Deleted Emails in Office 365 without Backup

One of the most popular use cases is described in this section. As mentioned above, when using web interface of Microsoft Office 365 Outlook, your deleted emails can be recovered from the Deleted Items folder within 30 days. In Outlook 365 go to the Deleted Items folder and select the necessary email messages. Then click the Restore button to restore the deleted messages to the source location (emails deleted from the Inbox folder will be recovered to the Inbox folder).

Office 365 recover deleted email from the Deleted Items folder

If 30 days have passed after email deletion, or you have deleted an email message from the Deleted Items folder manually, the deleted message will no longer be displayed in this folder. However, it is still possible to recover the deleted message from the Recoverable Items folder within 30 days after deleting it from the Deleted Items folder. On the screenshot below, you can see that the Deleted Items folder is empty and there are four items deleted from the Deleted Items folder which are still recoverable. In order to recover those items, click Recover items deleted from this folder.

Office 365 recover deleted email in the web interface

Now you are in the Recoverable Items folder. Select the message you wish to recover and click Restore. The email message is recovered to the source location (the Inbox folder in our case).

Office 365 recover deleted email from the Recoverable Items folder

How to Create a Backup of Office 365 Emails

Having a backup provides you with far greater abilities for recovering Office 365 deleted emails. Suggested backup approaches were explained above and now it’s time to put them in practice. Let’s review how to back up Office 365 mailboxes and email messages with NAKIVO Backup & Replication in an example. You have to configure environment only once and then your Office 365 mail accounts will be backed up and protected. NAKIVO Backup & Replication is running as a Linux-based virtual appliance in this example.

The first action you have to do is find Office 365 identifiers (IDs) and register the backup application in the Microsoft Azure Active Directory which can be accessed by using a web browser. These identifiers which are used as credentials will be required to add your Office 365 account to Inventory of NAKIVO Backup & Replication.

Starting conditions in this example are the following: there is a corporate account with a couple of user accounts for Microsoft Office 365, the domain name is email01.onmicrosoft.com and the admin name is admin@email01.onmicrosoft.com. Users have mailboxes in Outlook 365. System administrator can manage user accounts by visiting the web page:

https://admin.microsoft.com/AdminPortal/Home#/homepage

Organization user accounts in Office 365 Admin Center

Azure Active directory settings for Office 365

You have to perform a certain configuration before you can get the necessary credentials for adding the Office 365 account to Inventory of NAKIVO Backup & Replication. Management APIs of Office 365 use Azure Active Directory (AD) for providing authentication services for non-Microsoft applications to grant rights and allow access.

Go to Azure Active Directory settings by opening the web page:

https://azure.microsoft.com/en-us/services/active-directory/

Log in by using an administrative account of your company (domain). Click Portal to open the management portal.

Microsoft Azure Portal

In the Azure services section, hit Azure Active Directory to open Azure Active Directory settings.

Selecting Azure Active Directory

In the left pane, select App registrations and click New registration.

Note: If these options are inactive and not accessible or a network error is displayed, try using an IP address from another country. For some strange reason, it can sometimes be impossible to load the App Registration page in Azure Active Directory settings from certain countries. You can use a VPN service and open this web page by using an external IP addresses that belong to the USA or the European Union, for example.

App registrations in Azure Active Directory are required to configure Office 365 backup

The Register an application window is opened. You have to register NAKIVO Backup & Replication as the allowed application for your Office 365 account in Azure Active Directory settings. Use the following algorithm:

1. Enter the name for your registered application, for example, NAKIVO_9-2.

2. In the Supported account types section, select:

Accounts in any organizational directory (Any Azure AD directory – Multitenant) and personal Microsoft accounts”.

3. Click Register.

Registering the Office 365 backup application in Azure Active Directory settings

In the App Registrations > NAKIVO-9_2 > Overview section, you can see the identifiers (IDs) – Application (client) ID, Directory (tenant) ID and Object ID. In the current example, the credentials are the following:

Application (client) ID: vv807d81-5e44-26e5-7621-dd5e21843a6a

Directory (tenant) ID: adb12933-1385-31a7-aa4f-b614511df15a

Object ID: 1d67c837-19e0-40e6-aef5-e7ef0537271a

Write down or copy these IDs because you will need them later. Then click View API permissions.

IDs are required to configure Office 365 backup with NAKIVO Backup & Replication

Select API permissions in the left pane. In the Configured permissions section, click Add a permission.

Adding API permissions to make possible adding to Inventory, backup, and recovery of Office 365

In the next window, hit Microsoft Graph.

Microsoft Graph is necessary for setting API permissions in Microsoft Azure Active Directory

After that, click Application permissions.

Selecting application permissions

Add the necessary permissions in the Request API permissions window. Tick the checkbox near the following strings:

Mail>Mail.ReadWrite

User>User.Read.All

Adding API permissions for the Office 365 backup application

After ticking the checkboxes, click the Add permissions button in the bottom of the window.

Adding API permissions to back up Office 365 with NAKIVO Backup & Replication

The two entities you added before are now displayed in the API permissions section, but their status is Not granted. Click Grant admin consent for [your directory name]. In this example, the Default Directory name is used.

API permissions are added

The confirmation message is displayed:

Do you want to grant consent for the requested permissions for all accounts in Default Directory? This will update any existing admin consent records this application already has to match what is listed below.

Click Yes.

Now the status of the entities is Granted.

Admin's consent is granted for API permissions

This means that now you can generate a client secret ID.

Go to Certificates and secrets and click New client secret.

Creating a new client secret for Office 365 in Azure AD settings

Type Secret ID as the description and define the expiration period, for example, by setting the secret to expire in one year. Click Add.

A secret ID that expires in 1 year

Now the secret ID is displayed. Copy the secret ID value and keep this information secured in a safe place.

@DhF4ah3eSj-cF-sJf40_HvhDE5AVbcH

A new client secret ID is generated for NAKIVO Backup & Replication

Adding Office 365 account to Inventory

Once you have all the needed IDs (credentials) and configured Office 365 on the Azure side, you can go to configuration of NAKIVO Backup & Replication. First you need to add your Office 365 account to Inventory. Open the web interface of NAKIVO Backup & Replication, go to Configuration and select the Inventory tab. Click Add New and in the drop-down menu, select Microsoft Office 365 account.

Office 365 recover deleted email – adding the Office 365 account to Inventory

Add new Microsoft Office 365 account by entering the name and credentials. Use the credentials that you collected before in the Azure Active directory configuration.

Display Name: Office 365

Tenant ID: adb12933-1385-31a7-aa4f-b614511df15a

Azure Client ID: vv807d81-5e44-26e5-7621-dd5e21843a6a

Azure Client Secret: @DhF4ah3eSj-cF-sJf40_HvhDE5AVbcH

Click Add.

Adding a new Office 365 account to Inventory of NAKIVO Backup & Replication

If you entered the correct credentials, you will see your Office 365 account appear in Inventory in a moment. The total amount of used storage and number of mailboxes is displayed after adding an Office 365 account to Inventory.

The Office 365 account is added to Inventory of NAKIVO Backup & Replication

You can click your Office 365 account name and see the list of Office 365 users of your organization (domain).

Office 365 user accounts can be viewed in NAKIVO Backup & Replication

If you already use NAKIVO Backup & Replication, you know that if you want to run a backup job, you should prepare a backup repository. Notice that Office 365 backup requires you to create a special Microsoft Office 365 repository type. Let’s create a new backup repository for Office 365. Go to Configuration > Repositories, click Add Backup Repository and select Create new backup repository.

Creating a new backup repository for Microsoft Office 365

You should create a directory for your Microsoft Office 365 backup repository on the machine where NAKIVO Backup & Replication is installed. In our example, the product is running on a Linux machine and /opt/nakivo/repo365 will be the directory used for the Office 365 backup repository.

Create a new directory on a Linux machine running NAKIVO Backup & Replication:

mkdir /opt/nakivo/repo365

Make the NAKIVO user to be the owner of the directory:

chown -R bhsvc:bhsvc /opt/nakivo/repo365

Set the correct permissions for the directory:

chmod 0755 /opt/nakivo/repo365

Creating a directory for a new Office 365 backup repository

Now you can enter the parameters for the new Office 365 backup repository.

Name: Office365 repo

Assigned transporter: Onboard transporter

Type: Microsoft Office 365

Path to the local folder: /opt/nakivo/repo365

Hit Add to finish creating a new backup repository for Office 365.

Creating a new Office 365 backup repository in NAKIVO Backup & Replication

On the screenshot below, you can see that a new Microsoft Office 365 backup repository has been successfully created.

A new Office 365 backup repository is displayed in the Repositories tab

Creating a Microsoft Office 365 backup job

Once your Office 365 account is added to Inventory and Office 365 backup repository is created, you can create a new Office 365 backup job to back up the email data of your users. On the home page of NAKIVO backup & Replication web interface, click Create and select Microsoft Office 365 backup job.

How to recover deleted emails in Office 365 – you have to create a backup first

The New Backup Job Wizard for Microsoft Office 365 is opened.

1. Sources

Select the necessary mailboxes that you would like to back up. Tick the checkboxes next to the appropriate users to select them. Hit Next to continue for each step in the wizard.

Selecting source Office 365 mailboxes to back up in NAKIVO Backup & Replication

2. Destination

In the drop-down menu, select Office365 repo you created before as a backup repository for Office 365. If you have multiple backup repositories for Office 365, you can click each account and select a custom backup repository for each account.

Select the destination of an Office 365 user mailbox

3. Schedule

Select the scheduling options for a backup job as you usually would.

Scheduling options

4. Retention

Similarly, select retention settings that are typical for your backup jobs in NAKIVO Backup & Replication.

Retention settings

5. Options

The final step of the wizard is to select Office 365 backup job options. Enter the job name, for example, Office 365 backup job and set additional options if needed. Hit Finish & Run to save Office 365 backup job settings and run the job.

New Office 365 backup job options

You can see the progress and job status on the main page of the web interface when selecting the job.

The Office 365 backup job has been completed successfully

How to Recover Deleted Emails in Office 365 from Backups

Now you have a backup of your Office 365 mailboxes created in NAKIVO Backup & Replication. It means that it is possible to recover the entire email account or custom email messages. Let’s recover an email message from the Office 365 backup. On the home page, click Recover > Microsoft Office 365.

How to recover deleted emails in Office 365 with NAKIVO Backup & Replication

The Object Recovery Wizard for Microsoft Office 365 is opened.

1. Backup

In the left pane, select the required Office 365 backup job, click the job name, and select the required user(s) whose mailbox(es) you wish to recover. In the right pane, select a recovery point. By default, the latest recovery point is selected. Hit Next to continue for each step in the wizard.

Office 365 recover deleted email – selecting the backed up Office 365 user account

2. Recovery Account

If you have two or more Microsoft Office 365 accounts, you can select the required account from the drop-down menu.

Office 365 recover deleted email – selecting the recovery account

3. Objects

On this step, you can select the necessary users and view email folders (click the user to expand folders). Let’s recover the email message whose subject is “Recover Me” in the Inbox folder. Tick the checkbox near the messages you wish to recover by clicking on them. In our example, we recover the email message received by Michael Bose.

Office 365 recover deleted email – selecting email messages to recover

4. Options

At this step, you can configure two parameters.

Recovery type:

  • Recover to original location. Emails are recovered to the original location of the source user account.
  • Recover to mailbox. Emails are recovered to the appropriate folder of another selected user.

Overwrite behavior:

  • Rename recovered item if such an item exists.
  • Skip recovered item if such an item exists.
  • Overwrite the original item if such an item exists.

In this example, we are recovering the email to the original location.

Hit Recover to recover deleted emails in Office 365 with NAKIVO Backup & Replication.

Office 365 recover deleted email – configuring recovery options

5. Finish

You can see the status of the Office 365 recovery job in the Activities tab, or click Close to exit the Wizard.

Office 365 recover deleted email – the recovery job is created

On the screenshot below, you can see the status of the Microsoft Office 365 recovery job displayed in the Activities tab.

Office 365 recover deleted email – the recovery job is running

Once the job is complete, you can open the web interface of Microsoft Office 365 Outlook and log in as a user to the account to which you have recovered the email data. In our case, this is the account of Michael Bose. As we recovered the email message to the source location, let’s check the Inbox folder. The message has been recovered successfully and it is present in the Inbox folder .

Office 365 recover deleted email – the email message has been recovered successfully

Conclusion

There are a couple of recovery options for Microsoft Office 365 mailboxes and today’s blog post has covered the most affordable of them. Having a backup in place plays an important role when it comes to recovering deleted email messages, and defines Microsoft Office 365 recovery strategy. Without creating backups, you can only recover deleted emails within 60 days in the web interface of Office 365. If you use an email client, then you have a local copy of emails that can help if your account becomes compromised, blocked, or wiped out. If you have deleted an email message in the email client that is properly configured, the message can be still accessed in the web interface of Office 365. The best option is to perform backup of Office 365 email accounts regularly. NAKIVO Backup & Replication can protect your Office 365 email accounts by running backup jobs automatically and regularly. If a user has lost an email message, granular recovery allows you to recover the appropriate email messages without recovering entire mailboxes.

Microsoft Office 365 Backup

How to Recover Deleted Emails in Office 365 with NAKIVO Backup & Replication
5 (100%) 3 votes

Join Us for the New Webinar

Remote Work and Data Loss:
Take Control of Your
Microsoft 365 Data

Learn how to help your remote teams overcome
Microsoft 365 data protection challenges

register now

Let’s Stay in Touch

Subscribe today to our monthly newsletter
so you never miss out on our offers, news and discounts.