Yeah, this. The easiest way to comply with the GDPR is not to store personal data. The second easiest is to delete it as soon as it is no longer required (this includes from backups!)

This was a bit tongue in cheek.

In the UK I would keep business emails for at least 6 years as that's the limit for lawsuits.

Do you actually want those emails to be unearthed during a lawsuit 5 years from now?

At least one firm I worked with had a mandatory 180-day delete of any correspondence not specifically tagged for archival, and the stated reason was to prevent all their random conversations being exposed during discovery if they were prosecuted.

You are answering your own question, I think. Yes you want to keep emails unless obviously you think they may be incriminating.

The usual advice, though, is obviously not to put in writing what you don't want to be found later...

It's hard to tell a priori what will be incriminating, especially once there is more than one person's email involved