When a mailbox is enabled for litigation and holds a delegate of the mailbox is able to use OWA to permanently delete folders (and their items) from the mailbox, without them being preserved correctly by the litigation hold.
The issue impacts Exchange Online and all supported versions of Exchange Server 2013 on-premises. The bug does not exist when mailboxes are accessed via Outlook or other clients, only when accessed via OWA
Microsoft has released KB2996477 which also describes the issue:
This problem occurs when a user uses OWA to delete or move a folder from a delegated mailbox that is on hold to another mailbox if that mailbox is also open in OWA but is not on hold. The items are preserved according to the hold settings of the delegate’s own mailbox, not the settings of the delegated mailbox. The delegate can move or delete individual items inside a folder, and the items are preserved as expected.
Non-delegated scenarios, in which one user is the sole owner of a mailbox, are not affected by this issue. This problem also does not occur in the Outlook client.
There are 2 known solutions:
1. Put a hold on all users who are participating in delegated scenarios.
2. Disable OWA for users who have delegated access to their mailbox.
First, it’s worth verifying whether any mailboxes in your organization are enabled for litigation hold.
[PS] C:\>Get-Mailbox | where LitigationHoldEnabled Name Alias ServerName ProhibitSendQuota ---- ----- ---------- ----------------- Aurel Proorocu aurel.proorocu exch2013 Unlimited IT Support it.support exch2013 Unlimited
If disabling OWA is a practical solution for your organization this can easily be performed, for example:
[PS] C:\>Get-Mailbox | where LitigationHoldEnabled | Set-CASMailbox -OWAEnabled:$false
Of course, if the mailboxes are under investigation it may not be wise to tip off the mailbox owner by disabling OWA. In that case enabling litigation hold for the other users with access to the mailbox would be the better approach.