I've got a request to capture all email traffic on the Exchange server and store mail to the dms/database.
After some investigation, I came to the conclusion, that the best way to implement something like this would be a custom TransportAgent.
There are a few question marks around that:
The MS documentation seems to be fairly outdated and the code examples seem to be gone. It mentions Exchange 2013 everywhere, the newer versions should support them too though.
Office365 do not support them at all (as to the Office 365 is a long term plan, the problem will arise again later).
My question is, what is the best way to implement something like this? Are there any hooks or APIs that would allow me to intercept all incoming and outgoing mail (or just for a certain domain for example but not just per user account)?
And ideally, is there a solution that would be reusable for both on premises and in cloud Exchange server/Office365?
You can't use Transport Agents in Office365 because its a shared service and Transport agents are Dll's that must be installed on the local Exchange server.
If you just want to Read the incoming and outgoing email without taking any actions on it you can use journaling https://learn.microsoft.com/en-us/exchange/security-and-compliance/journaling/journaling then use the Microsoft Graph or EWS to access the particular messages in the Journal mailboxes.
If you want to take action (eg block,redirect,modify) then you need to setup mail flow https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/use-connectors-to-configure-mail-flow and then setup you own gateways to process the emails.