Release from quarantine and safe list the sender in one click


I recently found a new option you can select when releasing a message from the quarantine. While this option isn’t brand new, I’m not sure when it was added, and so wanted to share for visibility. The TechNet article that references this option is dated from June of this year, so I’m guessing it was added around then.

When an administrator is releasing a message from the quarantine (through the Exchange Online portal), there is a “new” link they can click.

Release selected message and allow sender.

It appears both on this screen:

new-option-1

And on this screen:

new-option-2

If this link is clicked, the message will be released (obviously), and the sender will be added to the Sender Allow List, which is located in the Spam Filter in the Exchange Online portal.

allow-list

In my testing, if you have multiple spam filters, the sender will be added to the Sender Allow List in each of them.

An end user that will not see this option if they log into their online quarantine view. The option to release and safe list is only available in the Exchange Online portal.

One thing to note here, if the message was quarantined because of a transport rule or blocked sender, the sender will continue to be blocked for future messages.

 

Resources

Comments (5)

  1. Matthew says:

    Great article, Andrew. I've always had a sort of love/hate relationship with email address and Domain whitelisting, though. Being in University IT, we see phish emails daily using spoofed email addresses. Seems like whitelisting an email address or a Domain is a good way to allow more of these into user inboxes. What are your thoughts on this?

    1. Hi Matthew, I completely agree with you. I always recommend to never whitelist your own domain, as this gives a spoofer a free ride past the spam filter if they are spoofing your company. You also don't want to get into the habit of whitelisting every domain that you work with. Instead, submit any messages that are incorrectly caught to us so we can adjust our spam filter. On that same token, don't blacklist every domain that sends you spam that gets through as this should be the job of the spam filter. For these cases, send us samples, or open up a case with us so we can take a better look. There's a time and a place for your own white and black lists, but I recommend only using them when you absolutely need to.

  2. turbomcp says:

    welcome back:)
    very interesting as always

  3. Margosd says:

    Andrew, now that Microsoft has shown that they can add a Whitelist entry to all Spam filters, do you anticipate that they will add this feature to the actual section where we manage the Spam filter? I've shied away from using the whitelist entrees there in favor of Transport rules because of needing to add it to each filter. An option to add to all would be great.

    Another great article on your part and thank you.

    1. That is a great question. I have not heard of this coming to the product, but I will submit it as feedback to our product team. I think that would be a great feature.

Skip to main content