Frequently Asked Questions

Microsoft Defender Quarantine is a feature that holds potentially harmful or suspicious email messages that have been filtered out by Microsoft’s security systems. This prevents these messages from reaching your inbox, protecting you from potential threats like malware, phishing attempts, and spam.

Yes, Microsoft Defender Quarantine is already enabled for your email, and you don’t need to manually enable it. Your IT administrators configure and manage these security features.

• Quarantine: Holds messages that are considered potentially dangerous or highly suspicious. These messages have been identified by Microsoft Defender as containing malware, phishing attempts, or other significant threats. Access to quarantine might be more restricted, and notifications are often sent about quarantined items.
• Junk Email Folder: Contains messages that are identified as spam or unsolicited bulk email. While these can be annoying, they are generally not considered actively harmful. These messages are usually moved directly to your Junk Email folder in your email client.

The default retention period for messages in Microsoft Defender Quarantine is 30 days. After this period, the messages are automatically deleted.

Per organizational settings, if you frequently have emails that get caught up in your quarantine, you will receive a daily TCCS Spam Quarantine Notification email. Emails come from The Claremont Colleges Services <quarantine@messaging.microsoft.com>.

Reviewing your quarantine once a day or a few times a week is a good practice, especially if you are expecting important emails that might have been mistakenly quarantined.

You do not have to take action on every email. Many quarantined emails will be malicious or unwanted, and you can simply let them expire. You only need to take action if you recognize a legitimate email that has been incorrectly quarantined.

1. Access your quarantine (either through the link in the Spam Quarantine notification email or directly by going to https://security.microsoft.com/quarantine).
2. Locate the email you want to preview and check the box to the left.
3. Look for the option “Preview message”. This will open a preview window where you can see the email’s Subject, Sender, and Content without releasing it.

To release a legitimate email from quarantine:

1. While in your quarantine panel, select the email you want to release.

2. Look for a “Release message” or “Request release” option (you will need to request release for High Confidence Phish emails).

The safe senders list is a feature that allows you to specify email addresses or domains that you trust. Emails from senders on your safe senders list are less likely to be sent to your Junk Email folder or quarantined.

Outlook on the web:
1. Go to Settings (the gear icon).
2. Select “View all Outlook settings.”
3. Go to “Mail” > “Junk email.”
4. In the “Safe senders and domains” section, click “Add”
5. Enter the email address or domain you want to add and click “Save.”

Desktop Outlook:
1. Go to the “Home” tab.
2. In the “Delete” group, click the “Junk” dropdown.
3. Select “Junk E-mail Options…”
4. Go to the “Safe Senders” tab.
5. Click “Add…”
6. Enter the email address or domain and click “OK” and then “Apply”

Your organization might also have centralized controls for safe sender lists.

1. Check your safe sender’s list: Ensure the sender’s email address or domain is added to your safe sender’s list.

2. Review your blocked senders list: If you accidentally blocked a legitimate address, remove it from your blocked senders list.

3. Release from quarantine: If the message is in quarantine, release it.

4. Contact your IT support: If the issue persists, contact your organization’s IT support immediately by emailing ITHelp.Desk@claremont.edu or using the IT Support Portal.

The “Request Release” option typically appears for messages that have been quarantined due to stricter security policies or because they were identified as a higher risk. When you request release, the request is sent to your organization’s security administrators for review. They will then decide whether to release the message based on their assessment. This extra layer of scrutiny helps protect the organization from potentially dangerous emails.

Yes, you can typically block specific email addresses or domains. This will usually send their future emails directly to your Junk Email folder or prevent them from reaching you altogether, depending on your email client and organizational settings. You can usually manage your blocked senders list in the same settings area where you manage your safe senders list (as described above).

If you believe Microsoft Defender Quarantine is incorrectly flagging legitimate emails (either incoming or outgoing):

1. Check your safe senders list: Ensure recipients you frequently communicate with are on your safe senders list.

2. Review your email content: Sometimes, certain keywords or attachments can trigger spam filters. Try to avoid using overly suspicious language or attachments when possible.

3. Report false positives: Most quarantine interfaces provide an option to report a message as not junk or a false positive when you release it. This helps Microsoft improve its filtering accuracy.

4. Contact your IT support: If the issue persists or your outgoing emails are being quarantined, contact your organization’s IT support immediately by emailing ITHelp.Desk@claremont.edu or using the IT Support Portal.