add to whitelist or safe senders from quarantine

%3CLINGO-SUB%20id%3D%22lingo-sub-3276304%22%20slang%3D%22en-US%22%3Eadd%20to%20whitelist%20or%20safe%20senders%20from%20quarantine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3276304%22%20slang%3D%22en-US%22%3E%3CP%3EA%20few%20months%20ago%2C%20there%20was%20an%20option%20to%20add%20the%20sender%20to%20the%20safe%20senders%20list%20when%20approving%20mails%20here.%20Now%20the%20option%20is%20not%20anymore%20there%2C%20after%20releasing%20the%20mails.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3331701%22%20slang%3D%22en-US%22%3ERe%3A%20add%20to%20whitelist%20or%20safe%20senders%20from%20quarantine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3331701%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F523058%22%20target%3D%22_blank%22%3E%40ExMSW4319%3C%2FA%3E%26nbsp%3Bin%20this%20case%2Cwe%20cannot%20do%20anything%3F%3C%2FP%3E%3CP%3E%3CSPAN%3E%22sender%20to%20the%20safe%20senders%20list%20when%20approving%20mails%20here%22option%20can%20be%20restored%20again%20or%20with%20new%20Microsoft%20policy%20it%20is%20not%20possible%20anymore%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EFor%20example%2C%20in%20the%20past%20if%20the%20administrator%20recieved%20an%20Email%20from%20external%20domain%20in%20the%20quarantine%20He%2FShe%20could%20mark%20this%20email%20as%20*sender%20to%20the%20safe%20senders%20list%20when%20approving%20mails%20here%22%20and%20from%20next%20time%2C%20it%20would%20not%20land%20into%20Quarantine%20anymore.%20Now%20everytime%20the%20same%20sender%20will%20be%20unquarantined%20everytime.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3281400%22%20slang%3D%22en-US%22%3ERe%3A%20add%20to%20whitelist%20or%20safe%20senders%20from%20quarantine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3281400%22%20slang%3D%22en-US%22%3EThat%20is%20not%20necessarily%20a%20bad%20thing%2C%20as%20(depending%20on%20the%20customer%20organisation)%20it%20could%20lead%20to%20a%20policy%20safe%20sender%20list%20full%20of%20unattributed%20and%20very%20specific%20safe%20senders%20with%20no%20consistent%20policy%20for%20sender%20domains.%20However%2C%20under%20the%20Secure%20by%20Default%20initiative%20there%20is%20no%20denying%20that%20it%20has%20become%20more%20difficult%20for%20administrators%20to%20make%20general%20allowances%20for%20senders%20whose%20sending%20arrangements%20fall%20short%20of%20Microsoft's%20expectations.%20Again%2C%20that's%20not%20a%20bad%20thing%20for%20the%20rest%20of%20us%20if%20it%20forces%20the%20sender%20to%20address%20that%20deficiency%2C%20but%20that%20is%20of%20little%20comfort%20to%20the%20recipient%20administrator%20who%20has%20been%20told%20%22Just%20make%20it%20work%3B%20we%20will%20accept%20the%20risk%22.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3467533%22%20slang%3D%22en-US%22%3ERe%3A%20add%20to%20whitelist%20or%20safe%20senders%20from%20quarantine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3467533%22%20slang%3D%22en-US%22%3ENo.%20They've%20broken%20it.%20Secure%20by%20Default%20implies%20it%20can%20be%20changed.%20It%20can't.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3496085%22%20slang%3D%22en-US%22%3ERe%3A%20add%20to%20whitelist%20or%20safe%20senders%20from%20quarantine%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3496085%22%20slang%3D%22en-US%22%3E%3CP%3EAllow%20(up%20to%2030%20days)%20is%20available%20when%20releasing%20an%20email%20from%20quarantine%20as%20an%20administrator%20and%20choosing%20%E2%80%9CSubmit%20the%20message%20to%20Microsoft%20to%20improve%20detection.%20(false%20positive).%E2%80%9D%20This%20will%20create%20a%20safe%20and%20temporary%20allow%20entry%20in%20your%20Tenant%20Allow%2FBlock%20List.%20%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

A few months ago, there was an option to add the sender to the safe senders list when approving mails here. Now the option is not anymore there, after releasing the mails.

 

 

4 Replies
That is not necessarily a bad thing, as (depending on the customer organisation) it could lead to a policy safe sender list full of unattributed and very specific safe senders with no consistent policy for sender domains. However, under the Secure by Default initiative there is no denying that it has become more difficult for administrators to make general allowances for senders whose sending arrangements fall short of Microsoft's expectations. Again, that's not a bad thing for the rest of us if it forces the sender to address that deficiency, but that is of little comfort to the recipient administrator who has been told "Just make it work; we will accept the risk".

@ExMSW4319 in this case,we cannot do anything?

"sender to the safe senders list when approving mails here"option can be restored again or with new Microsoft policy it is not possible anymore?

For example, in the past if the administrator recieved an Email from external domain in the quarantine He/She could mark this email as *sender to the safe senders list when approving mails here" and from next time, it would not land into Quarantine anymore. Now everytime the same sender will be unquarantined everytime.

No. They've broken it. Secure by Default implies it can be changed. It can't.

Allow (up to 30 days) is available when releasing an email from quarantine as an administrator and choosing “Submit the message to Microsoft to improve detection. (false positive).” This will create a safe and temporary allow entry in your Tenant Allow/Block List.