Understanding your Microsoft 365 email quarantine

Microsoft 365’s email quarantine securely holds spam, phishing, malware, and other unwanted messages until they expire, or you request their release.

Learn more about malicious emails, phishing, and what to do about them.

iBizify Manage365 and Secure365 customer email quarantines are regularly fine-tuned to capture more regular threats, while optimising successful delivery of legitimate email.

Sometimes, legitimate emails may not appear in your Inbox or Junk folder. If this happens, you'll get an email from quarantine@messaging.microsoft.com to review any suspicious items.

Microsoft quarantine notification email

The irony isn’t lost on us, that this important message does look like a phishing email. Check that it is indeed from quarantine@messaging.microsoft.com before you click!

In this notice, you can see who sent the quarantined message, when it was sent, and what the subject is.

⚠️ Every quarantined email has a reason for being there. Sometimes, it's harmless - flagged as spam or bulk mail; however, there's often something suspicious that calls for caution. Such emails might carry security risks. Legitimate emails can also end up quarantined if the sender's email service isn't properly configured, which happens fairly often. Emails in your junk folder are usually just spam, but messages in quarantine deserve extra attention.

The notification will display options based on the severity of the threat.  If the message is classified as a “high confidence phish”, you may not be given the option to review or release it.  Instead, contact your administrator for evaluation.

What to do with your quarantine notification email

  • Ignore and delete it: The quarantined email will be deleted after thirty days.
  • Click Release: Not recommended. Consider reviewing the message first. If you click Release, the message will be delivered to your mailbox momentarily.
  • Click Review Message: Recommended.  You can then safely preview the message contents, and find out more about where it came from.

How to check the safety and legitimacy of a quarantined email

Click Review Message in your quarantine notification message, or find and click the message within your quarantine at https://security.microsoft.com/quarantine

Previewing a quarantined message

Check the Email details, particularly the Sender display name, Sender address and Sender mail from address (should typically tally up and relate).

Check the Return path.  Typically, this should return to the sender.  Sometimes, if the sender is using a mailer service like Mailchimp it may return there which is usual.  Check the value here doesn’t go off somewhere unknown or suspicious.

Check the URLs, which show the true destination of the links in the message regardless as to how they appear in the email itself.  Do these go to where you would expect?

Preview the message contents.  You can do so safely by clicking the "triple dot" button, top-right, then Preview message.  Does the content look appropriate?  Are you expecting this message?  Is it important?

If you are still absolutely certain all is well, you can click Release email to deliver it to your mailbox.  If in any doubt- do not do this!  If you are still concerned, report the message to your administrator.

Don’t miss a thing

We recommend you routinely review your quarantine, perhaps weekly.  You may wish to bookmark the following link so you can easily visit your quarantine when convenient:

https://security.microsoft.com/quarantine

Help

Products

Blog

  info@ibizify.net

  01296 252 010

  Directions to iBizify

Schedule call back Book service Connect to support Client Portal Login to Remote Login to Phone

  iBizify.net Ltd, Claydon House, 1 Edison Road, Rabans Lane Industrial Area, AYLESBURY HP19 8TE

IT consultancy, integration, research, development, and cloud services

Simplicity Promise  Privacy policy