Share via

Strict security preset testing

Anonymous
2024-01-15T16:30:48+00:00

I'd like to test and document all workflows related to the quarantine management when using the Strict Security Present in EOP/M365, but I am having a tough time finding something that could trigger the security policy to send emails to the Quarantine.

I've tried GTUBE but the email gets automatically rejected at the edge, so I'm unable to trigger the quarantine workflow.

I'm interested in doing this for all the Strict Preset policies (malware, phishing, spam, bulk, safe links, etc.).

Is there like a single tool that I can use to do all this, or a set of strings that I could use in emails to trigger the policy and then the quarantine event?

Microsoft 365 and Office | Install, redeem, activate | For business | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-01-15T23:18:43+00:00

    Thanks, I'll try the mail flow rules option as I'm trying to get messages into quarantine. Will update with results.

    Was this answer helpful?

    0 comments
  2. Anonymous
    2024-01-15T18:55:17+00:00

    Dear RaúlMillán

    Good day! Thank you for posting in the Microsoft Community. We'll be happy to help!

    First of all, we apologize for the inconvenience and inconvenience caused to your work. Based on your description, there are a few options you can try to trigger the quarantine workflow for the Strict Security Preset in EOP/M365:

    1. Use the Microsoft Malware Protection Center's EICAR test file. This is a harmless file that is commonly used to test antivirus software. You can send an email with the EICAR test file attached to trigger the malware policy and quarantine workflow. For your reference Virus:DOS/EICAR_Test_File threat description - Microsoft Security Intelligence
    2. Use the Spam Confidence Level (SCL) rating. You can set up a transport rule to assign a high SCL rating to emails that contain specific keywords or phrases. This will trigger the spam policy and quarantine workflow. For your reference Spam confidence level | Microsoft Learn

    It's important to note that these options may not trigger all of the Strict Preset policies, so you may need to use a combination of methods to test all of the workflows. Additionally, it's recommended to test these workflows in a non-production environment to avoid any unintended consequences.

    Meanwhile, if you still need further help, due to the lack of relevant permissions and tools in our forum, in order to better help you and not waste any more of your time, it is recommended that you contact our 365 support team directly to get more suggestions by phone or by submitting a service request in the Admin Center, and they will provide you with further assistance. For details, please refer to the following screenshots or official documents:

    Online support and Find Microsoft 365 for business support phone numbers by country or region

    Image

    .

    Note: Please note that you need to call the hotline on weekdays, (9 a.m. to 5 p.m., Monday to Friday) sincerely apologize and thank you again!

    Thank you in advance for your understanding. Your patience and cooperation will be greatly appreciated. I hope for all the best!

    Sincerely

    Kerry Chen | Microsoft Community Moderator

    Was this answer helpful?

    0 comments