O365 Email File Allowance Work Instruction

This work instruction will allow an administrator to create an allowance for an email that got falsely quarantined due to policy.

This article is intended for employees of organizations that use Sittadel's security. Additionally, there are some actions that can only be accomplished by those with administrative privileges.

Procedure Scope: Administrators

Required Group Membership: Admin.EmailSecurity

  1. If an email is captured in Quarantine due to detected malware related to URL or File Attachments but you know that the source is reputable, gather the embedded link or file for the next step.
  2. Navigate to File Submission – O365 Defender, select Add New Submission.
  3. A pop-up will be generated asking details pertaining to the File, the file itself as well as if it was registered as a false positive or false negative. In our case we have had a File mistakenly blocked and need it to be whitelisted instead. Select Submit once all of the items have been configured.
  4. A finalization prompt will be displayed showing that the items have been submitted for review. Select Done to proceed.

You're Finished!

You should have submitted the falsely quarantined email; this will allow it to be viewable for the individual experiencing the delayed delivery. Take into account that this process should only be carried out if all proper measures have been done to verify that the email isn't malicious. For any other problems or questions, reach out to us!