If you use Exchange Online, you already know it comes with a level of security and protection against malware and spam called Exchange Online Protection.
Until now, you could not really control the access to the quarantine except enabling (or not) notification to end-users to let them know there is email blocked in quarantine.
Well, good news, now you can configure policies to manage access to the quarantine (can view only or more advanced permission to allow view, release or request for release, delete…) and customize the notification with your company logo, using the logo from your Azure AD customization.
To configure such policies, connect to your Security Portal (https://security.microsoft.com/) and access the Policies & rules\Threats policies blade to configure the Quarantine policies
There you will have already 3 default policy in place:
- NotificationEnabledPolicy which allows users be notified and preview, release, delete message and block sender. You can edit this policy
- DefaultFullAccess which has the notification disabled and the same permission than the previous policy. You can not edit this policy
- AdminOnlyAccessPolicy which has notification disabled and end-user with no permission. You can not edit this policy
You can edit the global settings – managing notification and customization – using the Global Settings button
By editing the global settings you can also configure language being used by the notification; this was one of the issue with the previous configuration as the notification was always using the tenant language.
If you want to add different language, you first need to select the language from the list and then edit the Display Name and Disclaimer with the corresponding message you want to deliver, then you can click Add.