Skip to content

Email Quarantine Management

Email quarantine isolates emails suspected of spam, phishing, malicious content, or policy-triggered behavior so users or administrators can review and take action.

Introduction

Quarantined emails can be managed through:

  • Email Quarantine Portal.
  • Cloud Portal Mail Gateway.
  • Quarantine email notifications.

Depending on Policy Builder configuration, users can release emails flagged as Personal Quarantine. Admin Quarantine messages are not released by users for security purposes.

Quarantine Logs Viewer

Quarantine Logs show why an email was quarantined. They include filtering phases such as spam detection, antivirus scanning, and other security checks.

When opening a quarantined email, the log view shows:

  • Each stage the message passed through.
  • The reason the message was flagged or blocked.
  • Details from spam engines, antivirus scans, and custom rules.

Access Quarantine Logs

  1. Open Mail Gateway from the Cloud Portal left menu.
  2. Select the relevant domain.
  3. Open the Quarantine tab.
  4. Find the email to inspect.
  5. Open the email to view log details in a modal.

Use quarantine logs to troubleshoot false positives, understand which rule or engine caused a quarantine, and verify security actions for compliance or audit purposes.

Managing Quarantine from Cloud Portal

Users with Cloud Portal access can manage quarantine emails from Mail Gateway.

  1. Open Mail Gateway.
  2. Select the mail domain instance.
  3. Open the Quarantine Emails tab.
  4. Select User Quarantine or Admin Quarantine.
  5. Enter the recipient email address handle.
  6. Click Show to fetch quarantined emails.
  7. Release false-positive emails where appropriate.

Email Quarantine Portal

The Email Quarantine Portal provides organization users with direct access to view and manage quarantined emails.

  1. Open quarantine.cloud.site.sa.
  2. Enter your work email.
  3. Receive a one-time passcode in your inbox.
  4. Enter the OTP to log in.
  5. Review and search quarantined emails.
  6. Release Personal Quarantine emails if your administrator enabled email release.

Note

Users can manage Personal Quarantine emails after the organization administrator enables Email Release in the Policies tab under the organization's Mail Gateway instance.

Quarantine Notifications

After an email is detected and flagged, the system can send a quarantine notification to the user's inbox.

Notifications are sent only after the organization administrator enables Send Quarantine Report in the Mail Gateway Policies tab.

Notifications usually include:

  • Sender of the quarantined email.
  • Subject of the email.
  • Instructions or a link to review and release the email if safe.

Available actions:

Action Description
Release the Email Deliver the email to the inbox when the sender is trusted and the message appears legitimate.
Delete Delete spam, phishing, or harmful email from quarantine.

Email Awareness

Use these signals to identify potentially malicious email.

Signal What to look for
The Push Urgent language or pressure to take a specific action.
Tone and Grammar Language that sounds wrong or includes spelling and grammar issues.
Mismatched Links Links that point somewhere different from what the email claims.
Odd Attachment Type Unexpected ZIP, executable, or unusual attachment types.