
Table of Contents
1 Overview
1.1 Document Information
All information about this document can be found in the following table:
Document Reference Number:
1.2 Document Aim
This document is to be used as a guide for users to release emails that are held in quarantine by the ThreatSpike Email Gateway.
1 What is a Quarantine Digest Email?
ThreatSpike sends users email digests to their inboxes. These digest emails contain a list of emails that were destined for the user's inbox but have been quarantined by the email gateway. Emails get quarantined for a variety of reasons, including spam, phishing and authentication failures.
An example of a digest email can be seen below:

2 How to release an email in quarantine?
If a legitimate email gets quarantined, users need to complete the following steps in order to release it to their inbox.
- Click the blue hyperlink in the digest email.

- This will redirect the user to the ThreatSpike portal in a web browser. No logon is required.
Users can see the sender and subject of the quarantined emails. If a user believes an email is legitimate and wants it to be released, all they need to do is click the “Request Release” button next to the email.
This will forward the email to an on-shift SOC analyst for a final review to determine whether it is safe for release. If deemed safe, the email will be released. We guarantee email review and release within 1 hour of the requested release; however, users can expect to wait roughly 10 minutes in most cases.

ThreatSpike FAQs
- How long from release to delivery to inbox, message says an hour?
  Once released, the email will be delivered immediately to the user's inbox. The 1 hour is our SLA for reviewing emails which users have requested to be released. We don't automatically release emails which users ask for because users just end up phishing themselves.
- If something has been automatically released, how do we add the sender to quarantine future messages if we don’t want them released?
  At the moment you should notify us on soc@threatspike.com if you want an email address blacklisted.
- Is there a way we can add exclusions to known domains on a user level basis?
  Not currently, exclusions can only be added for the whole tenant.
- As we are reviewing our quarantine emails, the ones that we do NOT release… will they remain blocked for future?
  Yes, these will be blocked and remain in quarantine indefinitely. So if the user selects “Hide” it would stay in there and be blocked in the future.