cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Entra Tech Accelerator
Jun 27 2023, 08:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more
SOLVED

Quarantine or block specific (pre-existing) emails?

Bob Manjoney
Regular Contributor

‎Oct 19 2016 08:35 AM - last edited on ‎May 24 2021 01:58 PM by

‎Oct 19 2016 08:35 AM - last edited on ‎May 24 2021 01:58 PM by

Quarantine or block specific (pre-existing) emails?

Forgive me if this is the wrong group.

 

Office 365/E3. Some of our users have been receiving a specific phishing email today in their regular inbox (from the same sender, same subject line, payload, attachments) that attempts to phish their Google Doc login details.

 

Is there any way for me to, as a global admin, to search for and somehow "quarantine" (not sure if that's the right term) these specific existing mails across the tenant/organization? I don't want users to continue to click on these emails as they encounter them in their inbox. Going forward I know I can somehow block them, but what to do about all the ones that have already been delivered/received?

 

Thanks,

Bob

Labels:
752 Views
0 Likes
2 Replies
Reply
2 Replies
best response
Vasil Michev

‎Oct 19 2016 11:41 AM

‎Oct 19 2016 11:41 AM

Solution

Re: Quarantine or block specific (pre-existing) emails?

Best you can do is purge them via Search-Mailbox. Or simply report them (https://technet.microsoft.com/en-us/library/jj200769(v=exchg.150).aspx) and let ZAP do it's magic.

1 Like
Reply

‎Oct 19 2016 11:48 AM

‎Oct 19 2016 11:48 AM

Re: Quarantine or block specific (pre-existing) emails?

Thanks, Vasil!
0 Likes
Reply