ThreatSpike Quarantined Email Release Guide
Table of Contents
1 Overview
1.1 Document Information
All information about this document can be found in the following table:
1.2 Document Aim
This document is to be used as a guide for users to release emails that are held in quarantine by the ThreatSpike Email Gateway.
1 What is a Quarantine Digest Email?
ThreatSpike will sender users email digests to their inboxes. These digest emails contain a list of quarantined emails that were destined for the users inbox, but have been quarantined by the email gateway. Emails get quarantined for a variety of reasons including spam, phishing and authentication failures.
An example of a digest email can be seen below:
2 How to release an email in quarantine?
If a legitimate email gets quarantined, users need to complete the following steps in order to release it to their inbox.
- Click the blue hyperlink in the digest email.
- This will redirect the user to the ThreatSpike portal in a web browser. No logon is required.
Users can see the sender and subject of the quarantined emails. If a user believes an email is legitimate and wants it to be released, all they need to do is click the “Request Release" button next to the email.
This will forward the email to an on-shift SOC analyst for a final review to determine whether it is safe for release. If deemed safe, the email will be released. We guarantee email review and release within 1 hour of the requested release, however users can expect to wait roughly 10 minutes in most cases.
- How
long from release to delivery to inbox, message says an hour? Once released, the email will be delivered immediately to the user's
inbox. The 1 hour is our SLA for reviewing emails which users have
requested to be released. We don't automatically release emails which users ask
for because users just end up phishing themselves.
- If
something has been automatically released, how to we add the sender to
quarantine future messages if we don’t want them released? At the moment you should notify us on soc@threatspike.com if you want an email
address blacklisted
- Is
there a way we can add exclusions to known domains on a user level basis? Not currently, exclusions can only be added for the whole tenant.
- As we are reviewing our quarantine emails the ones that we do NOT
release…. will they remain blocked for future? Yes, these will be blocked and remain in quarantine indefinitely. So if the user selects “Hide” it would stay in there and be blocked in
the future
Related Articles
Island Enterprise Browser - Installation Guide
Installation Guide If your device is Managed by Marriott, Island Enterprise Browser will be installed for you. How do I know if my device is Managed by Marriott? On Windows, follow Microsoft's guidance to see installed apps and search for Bigfix. If ...Island Enterprise Browser - Post - Installation Guide
Post-Installation Guide Once Island Enterprise Browser has been installed, double-click the Island shortcut located on your desktop or start menu: To access Island Enterprise Browser, you must first login with your Marriott EID and password. Enter ...MARRIOTT Asset Ordering & Support - Insight eProcurement
The Marriott Tech support number: 240-632-6000 Additionally, you may contact the Marriott Service Desk via the Marriott Service Portal (a Marriott EID is required for access) eProcurement Get Empowered! Use eProcurement to order your technology ...Office365- POP, IMAP, and SMTP settings
The following is taken from the MS Support Site.....Link Below: https://support.microsoft.com/en-us/office/pop-imap-and-smtp-settings-8361e398-8af4-4e97-b147-6c6c4ac95353 You can use Outlook to read and send mail from Yahoo, Gmail, Hotmail, and other ...After Hours O365 Password Support
Support for password resets is available 24/7/365 through Cybertek email: Mssp-support@cybertekmssp.com Support Phone: 1-888-464-5144 For more urgent (aka Account Lockouts) please call the support phone to expedite the reset.