VUmailguard FAQ

Why is a particular email message captured in quarantine?

It is often difficult to ascertain exactly why an email has been captured by VUmailguard. In some sense, this is intentional. Email protection is an ever-increasing arms race with malicious actors crafting innovative ways to defeat filters and email filter makers constantly crafting new, creative detection methods. Quarantined messages typically match one or more of following five categories (as defined by the Microsoft Corporation):

Policy – mail quarantined because it matched a policy set by a mail flow rule
Bulk – mail identified as bulk mail
Phish – mail identified as a phishing attempt
Malware – mail containing malware
Spam – mail identified as spam

Unusual sender behavior commonly increases the likelihood it will be categorized as spam:

Sender does not send from an authorized server (a.k.a., domain is spoofed)
Embedded images linked to remote sites
Numeric IP addresses in URLs
URLs contain redirects to non-web ports
URLs are to non-legacy top-level domains like ".biz" or ".info"

Selecting “Release & Allow Sender” link in my quarantine digest email doesn’t work. New emails from that sender continue to be blocked by quarantine. Why?

The link in your quarantine digest email will attempt to do two things:

Release the relevant email to your Inbox and
Add the sender address to your mailbox Safe Senders List.

Unfortunately, the quarantine service cannot add to your Safe Senders List if your mailbox is not in Exchange Online. Until your mailbox is migrated, we recommend you follow these instructions to populate your Safe Senders List: How to add recipients of my email messages to the Safe Senders List.

How often are quarantine digest messages delivered?

Quarantine digest messages are dispatched every 24 hours. Users will only receive a digest email message if they have received new messages captured by quarantine in the preceding 24 hours.

How long are quarantined messages held?

15 days

How can I access messages currently held in quarantine?

The spam notification digest is a friendly reminder of the previous 24-hours of quarantine activities. Messages held in quarantine can be accessed at any time by visiting the Office 365 Security & Compliance Quarantine website. Connecting requires the primary email address (firstname.lastname@vanderbilt.edu) and password to your active Vanderbilt account.

NOTE: Vanderbilt University alumni do not have active Vanderbilt accounts and should contact VUIT TechHub for assistance in releasing messages in quarantine.

How can I learn more about Exchange Online Protection (EOP)?

To find out more about the inner workings of Microsoft Office 365's EOP, please click the following link: Exchange Online Protection overview