Exchange server quarantine

Question

One of our clients emails is consistently being sent to the Quarantine folder, labeled as "High Confidence Phish". How can this be prevented/stopped? Can these emails be allow thru?

Answer 1

Hi @Haughton Morgan ,
I agree with what Andy said.

1. You could run the following command to create the transport rule. This transport rule is that when the from in the header field of the email is ******@domian.com the SCL value of this email is set to -1. -1 means from a trusted sender, so the message bypasses spam filtering. New-TransportRule "Safe Sender" -HeaderContainsWords "Client@keyman .com" -HeaderContainsMessageHeader From -SetSCL -1

For more information you could refer to: The spam confidence level stamp and New-TransportRule

2.You could add the client’s email address to Safe Senders List in Outlook, the email from addresses on your Safe Senders List will never be treated as junk email.

---

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

Absolutely!

Choose one of these options:

The best from the admin perspective is a mail flow rule:
The available safe sender lists are described in the following list in order from most recommended to least recommended:

Mail flow rules
Outlook Safe Senders
IP Allow List (connection filtering)
Allowed sender lists or allowed domain lists (anti-spam policies)

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365?view=o365-worldwide

Option 4 is not a good choice. I would use a mail flow rule or ask your users to add the specific sender to their safe sender list.