Title
Create new category
Edit page index title
Edit category
Edit link
Quarantine
The Quarantine page provides information of blocked and modified emails, including some basic metadata. Each entry is linked to an Event (See Events).
Search and Filtering Options
Search Bar: Search by Quarantine ID or email-related keywords.
Verdict Filter: Narrows down events by verdict (e.g., Malicious, Suspicious, Failure to Analyze, Encrypted Content).
Time Range: Narrows down events by time range.
Advanced Filters: Search and refine event results using multiple parameters such as
Verdict
Status
Quarantine reason
Message ID
Quarantine ID
Subject
SMTP Sender
From: address
Recipient
Policy Name
Quarantine List (Blocked & Sanitized Originals)
Each row in the list represents an email with the following details:
Quarantine ID: Unique identifier for the quarantined message.
Time of Event: When the email was detected and quarantined.
Policy: Indicates the Policy that applied for the the content.
Verdict: See Verdicts.
Details: Link to the related event for deeper investigation.
Delete & Release: Perform action on the quarantined entry. Actions can also be performed from the Actions Panel.
Viewing Details
Clicking the arrow next to a Quarantine ID expands detailed metadata about the quarantined email, including:
Item type: Type of content.
- View headers: View the email header for analysis.
Affected User: The user(s) affected by the event.
Sent at: Timestamp of when the email was sent.
Received at: Timestamp of when the email was received.
Message ID: Unique email message identifier.
Subject: The subject of the email.
Sender & Recipients: Sender's email address and SMTP server details.
From, To & Cc: Identify the sender and recipients listed in the email header.
Received from: Endpoint from where email was received.
Size: Email content size.
Actions
To the right of each quarantined email are action icons:
View Event: Opens the associated event for detailed threat analysis. See Viewing Event details.
Delete: Permanently removes the email from the system
Release: Delivers the email to the intended recipient if deemed safe
These actions can help administrators quickly manage threat resolution or allow legitimate emails that were flagged in error.