With this new quarantine policy, tenant admins will be able to configure end user access to messages quarantined by the Exchange Online Protection (EOP) anti-spam, Microsoft defender for office 365 (MDO) anti-phishing, anti-malware and Microsoft defender for office 365 (MDO) safe attachment policies. End users will also now have a process to request message release. This message is associated with Microsoft 365 Roadmap IDs 62449 and 62450.
We’ve added a way for end users to triage quarantined phish messages. We understand that managing false positives is important to ensuring email is delivered appropriately, and in the past, end users weren’t granted access to the quarantine to view messages. We’ve introduced an option to grant end users read-only access to the quarantine to view quarantined messages and request that an admin release messages to the inbox. Previously, quarantine behavior was configured through each individual filtering policy. To reduce complexity, we’ve moved new and existing quarantine parameters into a standalone Quarantine policy.
- Exchange Online
When this will happen
- We will be gradually rolling this out to standard release customers at the early April. We expect the rollout to be complete by the end of August (previously end of June).
- We will be gradually rolling this out to government clouds beginning in early June, and we expect to be complete by the end of August (previously end of June).
How this will affect your organization
The EOP anti-spam, anti-phishing, anti-malware and safe attachments will now allow for more granular control of recipient actions. As part of these new granular controls end users will be able to request the release of a message. These granular controls are set up by admin.
Previously, admins were unable to alter end user access for messages quarantined by the default policies.
Before this new end user release workflow, end users who had access to preview a quarantined message had no direct way to request that the message be released. Instead, they had to manually ask an admin to release messages.
Note: these policy changes will not impact existing end user access controls. Changes will be managed by the Admin.
What you need to do to prepare
Once the changes are rolled out, the Admin will be able to customize the default end user access for the anti-spam, anti-phishing, anti-malware and safe attachments policies. This does not affect any previously customized policy settings.
If you want to modify the current default end user access to the anti-spam, anti-phishing, anti-malware and safe attachments policies, you can do so once the feature is available in your tenant.
- Anti-spam and anti-malware protection EOP
- Anti-spam protection in EOP
- Anti-phishing protection in Microsoft 365
- Anti-malware protection in EOP
- Safe Attachments in Microsoft Defender for Office 365
- Manage quarantined messages and files as an admin in EOP
- Additional documentation will be available once the feature has been released.
Message ID: MC244732
Published: 17 March 2021
Updated: 13 July 2021