allow quarantined emails to be deleted from the quarantine list for clarity
ability to delete emails in the quarantined queue that were reviewed and are irrelevant . this will make it easier to check the queue over time instead of waiting for the messages to expire.
Gaetan Barthelemy
shared this idea
AdminO365 Compliance and Protection Feedback
(Admin, Microsoft Office 365)
responded
Thank you for the feedback. Although we don’t have a timeframe in mind to share yet, this is something we would like to prioritize.
23 comments
-
Anonymous
commented
It's 2019 and this still hasn't be implemented.
-
Anonymous
commented
The only current way to filter this is through PowerShell:
Get-QuarantineMessage | where {$_.Released -match "false"}
will show you only messages not already released.
Then if you decide you want to release the message in PS too you can use the Release-QuarantineMessage cmd -
Anonymous
commented
I would like to suggest the following
once a email is reviewed and released it should be removed from the list. As we are going thru the bulk and spam folders we should be able to also have a button to push to add those messages we see repeat, and block them in one click. Please take care of this, this would make this tool so much better.
-
Anonymous
commented
Please, do something about that. Managing quarantine is a big mess!
-
Drew Lanclos
commented
This is actually now available in the Security & Compliance Center, just not Exchange Admin Console. Unfortunately S&C doesn't readily show you where emails have been released to recipients, whereas EAC does, so it's not perfect, but it's better than it was.
-
Chad
commented
We just switched from another vendor, who offers this ability for the end user. This is not an arbitrary request, once you have used it becomes essential.
-
Richard
commented
It is very difficult to maintain the list of quarantined emails, we have a group of staff monitoring this list and have to visit each email in turn to make sure its been release or not. Other systems we have used remove the email once removed from quarantine.... please make the change.
-
pauld
commented
Administrators can now delete messages from the hosted quarantine with PowerShell. See Get-QuarantinedMessage and Delete-QuarantinedMessage. Update status of request?
-
Trevor
commented
This feature is absolutely NECESSARY for security reasons. We have had large phishing campaigns where the emails were properly quarantined, but we have NO WAY to prevent users from releasing the malicious e-mails and clicking on them. We are only able to delete messages that have already arrived in users' mailboxes. There is nothing we can do for known-malicious quarantined e-mails.
-
Mary Preziosi
commented
We also need this feature.
-
Aaron Pieper
commented
We've been getting hit by spammers weekly during our migration to O365 from Notes. This would be such a great thing to have so users are not sending themselves a bogus quarantine notification from a real quarantine notification. If I could just select them all and DELETE, it would save us so much time during outbreaks.
-
jhghg2
commented
Couldn't agree more, if an email is convincing enough (there's plenty that are) users will release them from the quarantine and start clicking on malicious links. Admins at least should be able to remove these type of emails from the quarantine to prevent users releasing them.
-
Dan Coan
commented
Being able to delete, or prevent a user from releasing an e-mail, is a must have for admins. Malicious messages are quarantined but if the user can release it and fall for the phishing attach then it puts the company at risk.
-
Daniel Gatley
commented
This facility would also be highly beneficial in the end user notifications.
-
Anonymous
commented
Agree this is needed. Data should also be useful to protection team to validate that a message suspected of being spam is actually seen as spam by the tenant administrator or end user. Hopefully reduce what ends up in quarantine, that which is seen as junk by very large numbers of reports.
-
pauld
commented
Admin's need this ability like, yesterday! We are seeing phishing attacks land in the quarantine left and right, but once they are there, there is nothing we can do about it.
We know there are bad messages in the quarantine.
We know that a certain percentages of users will be taken by the scam, just the same, and release the message from the quarantine.
We know that a certain percentages of those users, how released the phishing message from quarantine, will then fall for the phish.Alas, this happens all too often.
As admins, we are currently powerless to help. We really need a way to purge known bad messages from the quarantine.
-
John
commented
This absolutely is a necessity. We have an issue today that was luckily contained in quarantine, but not being able to delete it as an admin leaves us vulnerable to users releasing to their inbox.
-
Anonymous
commented
I agree that deletion should be allowed...sometimes a message that gets quarantined for the masses should not be allowed to be released or should be removed from a user's ability to release it
-
Jason
commented
I agree with this: Instead, it would be better if there were a status indicator showing that an email was released, reported as false positive, or whatever
-
Anonymous
commented
some users release messages containing ransomware from quarantine and get infected. To prevent widespread infections a possibilty to prevent releasing these messages or delete them would be a great addition.