I am sometimes guilty of using this blog to write myself useful tips to remember for the future, and this is one of them…

Removing a single message from an exchange 2007 server can be done a couple ways from the Exchange Shell.  This blog uses a good method, and combined with the information on this forum, I have developed a “go to” script I use for this:

Make sure the user your logged in as has mailbox permission (use an admin account):
Get-Mailbox -Server EdgeServer | Add-MailboxPermission -User adminaccount -AccessRights Fullaccess -InheritanceType all

EdgeServer = server name,  adminaccount = your accound

Now find and delete the offending message from all mailboxes:
Get-Mailbox -Server EdgeServer | Export-Mailbox -SubjectKeywords “BAD MESSAGE” -StartDate “03/03/2014″  -SenderKeywords user@domain.com -ExcludeFolders “\Calendar”, “\Contacts”, “\Deleted Items” -Maxthreads 10 -DeleteContent

EdgeServer= server name “BAD MESSAGE”  = subject of message you want to delete
Good optional strings:
-StartDate = when you know when the message was sent, “-EndDate” also exists.
-SenderKeywords = restrict to only messages sent by a certain email address
-ExcludeFolders = limit where you are searching, speeds things up
-Maxthreads = throttle the search so you dont slow down your exchange server to unreasonable levels

Keep in mind  on a 100GB + information store this type of cleanup is taking hours at least.

You will also want to consider setting the permissions back that you set in the first shell cmdlet – most of the time because I am using the exchange administrator account to do this, I don’t bother.

Note: on exchange 2013 a new “remove-message” cmdlet exists for this sort of thing.