Microsoft Advanced Threat Protection - Quarantined Mail

Quarantine holds potentially dangerous or unwanted messages in Office 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes. .

Note: Messages that were quarantined as high confidence phishing, malware, or by mail flow rules (also known as transport rules) are only available to admins.

An end-user spam notification contains the following information for each quarantined message:

  • Sender: The send name and email address of the quarantined message.

  • Subject: The subject line text of the quarantined message.

  • Date: The date and time (in UTC) that the message was quarantined.

  • Block Sender: Click this link to add the sender to your Blocked Senders list. For more information, see Block a mail sender in Outlook.

  • Release: For spam (not phish) messages, you can release the message here without going to Quarantine the Security & Compliance Center.

  • Review: Click this link to go to Quarantine in the Security & Compliance Center, where you can release, delete or report your quarantined messages. For more information, see Find and release quarantined messages as a user in Office 365.

Example end-user spam notification

 

 Viewing Your Quarantine 

It is possible to view your own quarantined mail by going to https://protection.office.com/quarantine, if you experience issues trying to access this page, some troubleshooting steps you can perform include trying other web browsers, or clearing your browers' cache

  

Additionally, if an email you believe to be quarantined does not show within your quarantine, it may be found in your ‘Junk’ folder. If it is not found within quarantined or junk mail it is possible that the focused inbox feature has sorted it out and that it is under the ‘Other’ section. 

 

Details

Article ID: 2207
Created
Thu 3/26/20 4:58 PM
Modified
Thu 7/30/20 1:44 PM