duo-labs / isthislegit

Dashboard to collect, analyze, and respond to reported phishing emails.
BSD 3-Clause "New" or "Revised" License

Implement "Search and Destroy" Capability #17

Open jordan-wright opened 6 years ago

jordan-wright commented 6 years ago

This one will be tricky for different environments, but it would be nice to have the ability for analysts to do a "search and destroy" operation for reports.

In a nutshell, this would allow analysts to find other emails that match the existing report. These emails may not have been reported. The analyst could then automatically remove the emails from the user's inbox. Of course, we would need to make sure we have logging and documentation for what action the analyst took.

This will be difficult to get right, so this isn't a high priority item to be completed ASAP.

blahdidbert commented 6 years ago

I have been trying to implement something like this in my O365 environment for a while. I am not really strong in PowerShell (but still learning). Microsoft has a full article on this that goes over the touch points of what needs to be done:

https://support.office.com/en-us/article/Search-for-and-delete-email-messages-in-your-Office-365-organization-Admin-Help-3526fd06-b45f-445b-aed4-5ebd37b3762a
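What the linked article's search-then-purge flow looks like end to end, with the action logging the original post asks for, as an added example that is neither the project's code nor taken from the article. The sender, subject, report id, analyst and log path are constructed placeholders, and it assumes the ExchangeOnlineManagement module and the compliance-center search and purge roles.

```powershell
# Added example (not part of isthislegit): "search and destroy" against Exchange Online
# using the Security & Compliance PowerShell cmdlets the linked article covers.
# Requires the ExchangeOnlineManagement module and the eDiscovery / Search And Purge roles.
Connect-IPPSSession

$ReportId   = 'isthislegit-report-42'   # constructed placeholder
$Analyst    = 'analyst@example.org'     # constructed placeholder
$SearchName = "SearchAndDestroy-$ReportId-$(Get-Date -Format yyyyMMddHHmmss)"
# KQL built from the reported message's indicators (constructed values).
$Query = 'From:"billing@invoice-example.test" AND Subject:"Your invoice is overdue"'

# 1. Search every mailbox for messages matching the reported email.
New-ComplianceSearch -Name $SearchName -ExchangeLocation All -ContentMatchQuery $Query | Out-Null
Start-ComplianceSearch -Identity $SearchName

# 2. Wait for the search to finish and read the hit count before touching anything.
do {
    Start-Sleep -Seconds 10
    $Search = Get-ComplianceSearch -Identity $SearchName
} while ($Search.Status -ne 'Completed')

$AuditRecord = [ordered]@{
    Timestamp  = (Get-Date).ToString('o')
    Analyst    = $Analyst
    ReportId   = $ReportId
    SearchName = $SearchName
    Query      = $Query
    ItemsFound = $Search.Items
    Action     = 'none'
}

# 3. Refuse to purge on a suspiciously broad match; an analyst reviews those by hand.
$MaxItems = 500
if ($Search.Items -gt 0 -and $Search.Items -le $MaxItems) {
    # SoftDelete moves items to Recoverable Items, so a mistaken purge is reversible.
    # Exchange purges at most 10 items per mailbox per action; rerun for larger hits.
    New-ComplianceSearchAction -SearchName $SearchName -Purge -PurgeType SoftDelete -Confirm:$false | Out-Null
    $AuditRecord.Action = 'SoftDelete'
} elseif ($Search.Items -gt $MaxItems) {
    $AuditRecord.Action = "review-required (more than $MaxItems hits)"
}

# 4. Record what the analyst did, as the issue asks, in an append-only JSON-lines log.
($AuditRecord | ConvertTo-Json -Compress) | Add-Content -Path '.\search-and-destroy.log'
```

The compliance center's own audit log also records the purge action, so the local log is a second, analyst-readable trail rather than the only one.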

mcvic1rj commented 6 years ago

@blahdidbert, using a combination of Azure tools (mainly runbooks) you can accomplish this by having isthislegit make a web request with the relevant data for a destroy.