M365 Changelog: Request/Release workflow for quarantined messages

MC244732 – Updated July 13, 2021: Microsoft has updated the rollout timeline below. Thank you for your patience.

With this new quarantine policy, tenant admins will be able to configure end user access to messages quarantined by the Exchange Online Protection (EOP) anti-spam, Microsoft defender for office 365 (MDO) anti-phishing, anti-malware and Microsoft defender for office 365 (MDO) safe attachment policies. End users will also now have a process to request message release.

This message is associated with Microsoft 365 Roadmap IDs 62449 and 62450

When this will happen

  • Microsoft will be gradually rolling this out to standard release customers at the early April. They expect the rollout to be complete by the end of August (previously end of June).
  • Microsoft will be gradually rolling this out to government clouds beginning in early June, and they expect to be complete by the end of August (previously end of June).

How this will affect your organization

The EOP anti-spam, anti-phishing, anti-malware and safe attachments will now allow for more granular control of recipient actions. As part of these new granular controls end users will be able to request the release of a message. These granular controls are set up by admin.

Previously, admins were unable to alter end user access for messages quarantined by the default policies.  

Before this new end user release workflow, end users who had access to preview a quarantined message had no direct way to request that the message be released. Instead, they had to manually ask an admin to release messages.

Note: these policy changes will not impact existing end user access controls. Changes will be managed by the Admin.

What you need to do to prepare

Once the changes are rolled out, the Admin will be able to customize the default end user access for the anti-spam, anti-phishing, anti-malware and safe attachments policies. This does not affect any previously customized policy settings.

If you want to modify the current default end user access to the anti-spam, anti-phishing, anti-malware and safe attachments policies, you can do so once the feature is available in your tenant.

Learn more: