This guide will show an administrator how to identify quarantined emails that pertain to failure related to Anti-Spam and Anti-Phishing policies.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
O365 Security Identify Held Spam and Phishing
- Navigate to the Quarantine – Microsoft Defender portal, locate and select Filters, specifying the Quarantine Reasons as Spam, Phishing, and High Confidence Phishing followed by Apply.
- With the filters selected, any quarantined messages that have been flagged as spam, phishing and high confidence phishing will be propagated.
- As the administrator, you will be able to view the message and make any troubleshooting decisions dealing with message handling.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.