MicrosoftHello a-yates ,
Thank you for your comments on the 'user notifications option' in the Anti-malware policy and the benefit of the notification (with the email body intact and without the attachments). As noted, this user notification option is being deprecated in favor of quarantine notifications.
We did observe that sometimes malicious users send emails with malicious attachments and also URL links in the body of the email (and the links being weaponized few hours after the delivery). In these specific scenarios, the user notifications with the body of the email will still pose a risk to the user as the URLs are weaponized (delayed). While the Safe Links Time of Click does provide protection for these delayed weaponized URLs, the Safe Links is part of the premium SKU and not part of EOP. So, it was decided to deprecate the user notifications to mitigate this risk.
For your ask of an option to release the body of the email without the attachments for any of the malware quarantined emails, it will be a new feature request and comes under the Quarantine feature.
