menu Open menu Close menu
Contentexpand_more

USN email quarantine

How to check the USN email quarantine, and how to release emails from the quarantine to your mailbox.

Notification from the USN email quarantine

A notification from the USN email quarantine may look something like this:

Eksempel på varsling fra USN epostkarantenen.

As the example shows, this is a notification about a "spam" email, and there are two buttons one can use:

  • Review Message
    Use this button to open the email quarantine page and have a closer look at the email.
  • Release
    If you are already sure that this is a valid email and you want to release it to your mailbox, use this button.
    • For some types of email (e.g. "High Confidence Phish" and "Malware"), you will instead see a button called "Request Release". If you use this button, an administrator must also approve the request to release the email.

The email quarantine page

The address to the email quarantine page is https://security.microsoft.com/quarantine.  One can open this page any time, there is no need to wait for a notification email (those come app. once per day). If you are expecting an email and it does not show up in your mailbox, you can check the email quarantine page.

If you click on "Review Message" in the notification email from the USN email quarantine, your browser opens and you are asked to log in with your USN account if you are not logged in already in the browser.

You will then see the email quarantine page, where you will see your email quarantine (emails where you are a recipient), and the details about the email in question will open on the right side.

USNs epostkarantene

Here you can see more informaton about the email, such as which email policy blocked the email, and why. In this example, it was the anti-spam policy that blocked it, and the reason was "Spam".

You have a button to release the message, and you can also

  • show the message header. This is for more advanced users.
  • open a preview of the email content
  • delete the email from the quarantine
  • allow the sender, so that future emails from this sender don't en up in the email quarantine
  • block the sender

 

Why are emails with certain types of file attachments blocked?

USN uses an anti-malware policy with the "Common Attachments Filter" activated. This feature intercepts and blocks emails that have file attachments of common, potentially unsafe file types such as .exe, .bat, .js, and .zip (if they contain risky files). The goal is to protect the network against viruses and malware that can spread via email attachments.

This type of protection is not new – Microsoft Outlook has blocked such files for over 20 years, ever since 2001, to prevent threats like the ILOVEYOU virus. Our policy is based on the same principle.

 

Tip: Never send such files as email attachments – it increases the risk for both the sender and the recipient. Instead, use secure alternatives for file sharing:

 

NB! When you release emails from the email quarantine you should be quite sure that the emails are legitimate emails that you actually want to release to your mailbox!

Microsoft video

Here is a video by Microsoft about the email quarantine:

 

 

USN email quarantine

 

 

USN use Exchange Online as our email system. Every day the USN email system receives quite a lot of emails that we categorize as "unwanted". This can be because they are spam, phishing attempts, or the can contain malware.

The defaut setting in Exchange Online is that these types of emails end up in the junk mail folder.

Lately there have been a few cases where organizations/companies (and municipalities) have been hacked in a way that they have lost a lot of important content and IT systems, and must spend great resources in order to get their systems up and running to the degree that is is possible. It is known that emails are one of the primary attack methods that hackers use to gain access to IT systems. In many cases it is sufficient that only one user is compromised in order for the hackers to gain access to the entire mail system, and many other IT systems.

Exchange Online as an email quarantine functionality, where different categories of unwanted email can be stored, instead of reaching the user's mailbox. This is to minimize the risk of a user opening an email that is a phishing attempt or that contains malicious links or malware attachments.

USN have defined some policies that directs most of such unwanted emails to the email quarantine.

The email quarantine system automatically sends out notifications (within 4 hours) to users who have received emails that have been directed to the email quarantine.

west Previous page