MC303513 – Microsoft will be retiring the recipient and sender notification configuration in the UI from anti-malware policies starting in March 2022. Instead, Microsoft recommends using quarantine policies, which allow administrators to configure and deliver notifications to recipients.
- Timing: March 2022
- Action: Review and make appropriate changes
How this will affect your organization:
If you have anti-malware policies in your organization which use recipient notifications for quarantined messages, you will need to transition to use the quarantine policies prior to the retirement date. Once this change is implemented, the selections and the resulting notifications will no longer be available in the portal or on the New-MalwareFilterPolicy or Set-MalwareFilterPolicy cmdlets.
In place of recipient quarantine notifications, please use the quarantine policy feature, which is now generally available and is part of the Microsoft 365 anti-malware policies. Admins can use the quarantine policies to specify what users are allowed to do with messages they receive which are quarantined.
Note that notifications from quarantine policies are sent to recipients as a digest at the scheduled time the admin has specified as part of the policy, and not as individual recipient notifications for each quarantined message.
The default quarantine policy that’s used in anti-malware policies, ‘AdminOnlyAccessPolicy’, will not send notifications to recipients. If you want to notify recipients when their messages are quarantined as malware, you need to create a custom quarantine policy with quarantine notifications (end-user spam notifications) are enabled, and then apply that quarantine policy in the Security and Compliance Center.
Review the resources below to learn more: