Set the PRIVATE flag on Exchange mailbox messages
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


SetPrivateFlags.exe will SET the private flag on all messages matching a subject substring.

See, if you want to remove private message flags.

Why should I use this

When you migrate from an alternative email server solution (e.g. Lotus Notes) and a mailbox contains confidential messages, you might want to mark such message as private after content migration.


Simply copy all files to a folder location where you are allowed to execute it and the Exchange servers are reachable.


  • Exchange Server 2013/2016 (Tested with CU15, maybe it will work with Exchange 2007/2010 as well)
  • Application Impersonation Rights if you want to change items on other mailboxes than yours
  • Microsoft.Exchange.WebServices.dll, log4net.dll (are provided in the repository and also in the binaries)


SetPrivateFlags.exe -mailbox -subject "[private]"

Search the mailbox of for all message containing [private] in the subject text and ask for changing each item

SetPrivateFlags.exe -mailbox -subject "[private]" -noconfirmation

Search the mailbox of for all message containing [private] in the subject text and all items are altered without asking for confirmation


Mailbox which you want to alter

  • optional: -logonly

Items will only be logged

  • optional: -noconfirmation

Messages will be set to normal without confirmation

  • optional: -ignorecertificate

Ignore certificate errors. Interesting if you connect to a lab config with self signed certificate

  • optional: -impersonate

If you want to alter a other mailbox than yours set this parameter

If set together with -password this credentials would be used. Elsewhere the credentials from your session will be used

If you set an specific URL this URL will be used instead of autodiscover. Should be used with -ignorecertificate if your CN is not in the certficate

  • optional: -allowredirection

If your autodiscover redirects you the default behaviour is to quit the connection. With this parameter you will be connected anyhow


MIT License