In Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, quarantine holds potentially dangerous or unwanted messages. For more information, see Quarantined email messages in EOP.
Admins can view, release, and delete all types of quarantined messages for all users. Admins can also report false positives to Microsoft.
By default, only admins can manage messages that were quarantined as malware, high confidence phishing, or as a result of mail flow rules (also known as transport rules). But admins can use quarantine policies to define what users are allowed to do to quarantined messages based on why the message was quarantined (for supported features). For more information, see Quarantine policies.
Admins in organizations with Microsoft Defender for Office 365 can also manage files that were quarantined by quarantined by Safe Attachments for SharePoint, OneDrive, and Microsoft Teams.
You view and manage quarantined messages in the Microsoft 365 Defender portal or in PowerShell (Exchange Online PowerShell for Microsoft 365 organizations with mailboxes in Exchange Online; standalone EOP PowerShell for organizations without Exchange Online mailboxes).
To open the Microsoft 365 Defender portal, go to https://security.microsoft.com. To open the Quarantine page directly, use https://security.microsoft.com/quarantine.
Complete link for additional details.
Please sign in to leave a comment.