Defender for Email File Submit and Allow Action

This guide will show an administrator how to access the File Submissions page to submit a desired file or file hash that will reduce the likelihood of security scanning criteria holding messages that possess this file.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Defender for Email File Submit and Allow Action

  1. If an email is captured in Quarantine due to detected malware related to URL or File Attachments but you know that the source is reputable, gather the embedded link or file for the next step.
  2. Navigate to the File Submissions – Microsoft Defender portal, locate and select the + Add new submission action, a flyout will be generated, specify Files from Select the submission type dropdown. You will be able to supply the desired file that keeps getting quarantined from the Browse files action, make sure to select the file from the proper file directory within the generated file explorer window. We will also want to make sure to have the Clean option selected under the This file should have been categorized as prompt. Specify a desired priority for the Choose the priority prompt. Add any optional notes for Microsoft to interpret when processing your submission. The Share feedback and relevant content with Microsoft checkbox must be selected for the File submission action to be initiated. Select Submit to finalize.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.