Exchange Online – You can now configure policies to manage access to the quarantine

If you use Exchange Online, you already know it comes with a level of security and protection against malware and spam called Exchange Online Protection.

Until now, you could not really control the access to the quarantine except enabling (or not) notification to end-users to let them know there is email blocked in quarantine.

Well, good news, now you can configure policies to manage access to the quarantine (can view only or more advanced permission to allow view, release or request for release, delete…) and customize the notification with your company logo, using the logo from your Azure AD customization.

To configure such policies, connect to  your Security Portal (https://security.microsoft.com/) and access the Policies & rules\Threats policies blade to configure the Quarantine policies

image  image

There you will have already 3 default policy in place:

  • NotificationEnabledPolicy which allows users be notified and preview, release, delete message and block sender. You can edit this policy
  • DefaultFullAccess which has the notification disabled and the same permission than the previous policy. You can not edit this policy
  • AdminOnlyAccessPolicy which has notification disabled and end-user with no permission. You can not edit this policy

You can edit the global settings – managing notification and customization – using the Global Settings button

image  image

By editing the global settings you can also configure language being used by the notification; this was one of the issue with the previous configuration as the notification was always using the tenant language.

If you want to add different language, you first need to select the language from the list and then edit the Display Name and Disclaimer with the corresponding message you want to deliver, then you can click Add.