The Quarantine is accessible by logging in to GFI MailSecurity. From the Quarantine, administrators can review blocked emails and apply various actions, for example, release a false positive, whitelist the sender or permanently delete emails.

To access the organization's Quarantine:

1. Login to GFI MailSecurity.
2. Key in your Administrator account credentials in the login screen.
3. Choose the Domain Group Administrator role from the top-right corner Role field.

4. Go to Quarantine > Manage Quarantine.

   

   Manage Quarantine page

The Manage Quarantine page shows the emails in quarantine.

Use the Search Filters tab to filter through the list of quarantined emails on a number of different criteria including message type, email address, score, subject and message flow direction.

The following actions may be performed on messages in the Quarantine:

Action	Description
View Message	To safely view a message that is in the quarantine click the From, To, or Subject of a particular quarantined message from the list. This opens the message in a separate window. Note that the images are blocked from this preview to prevent possible inappropriate content. If a message is subsequently released and delivered, then the original images are present.
Release Message	Messages in the quarantine that are misidentified as spam (False positivesLegitimate emails that are incorrectly identified as spam.) can be released for delivery to their intended recipients. Click Release to perform this action.
Delete Message	Users can choose to permanently delete messages one at a time, or in bulk by checking the check boxes of messages to delete. Note that if a message is deleted from the quarantine then that message does not appear in the quarantine report. NOTE Deleted messages are permanently purged and are not recoverable.
WhitelistA list of email addresses and domains from which emails are always received. Sender	Adds the sender of the selected message(s) to the whitelist so that all future emails from this sender bypass the GFI MailSecurity anti-spam engine. Selecting this option also automatically releases the message from the quarantine. Note that the sender email address that is added to the Whitelist is the envelope email address. This is sometimes different from the address that appears in the From header of the message. Check Reporting > History to see the envelope sender email address.

Administrators can enable quarantine reports to be sent to users on a daily basis. A quarantine report is generated for each recipient who has at least one email quarantined.

The report contains a list of items in quarantine and a link for the users to access their personal quarantine.

To enable quarantine reports for the users:

1. Login to GFI MailSecurity.
2. Key in your Administrator account credentials in the login screen.
3. Choose the Domain Group Administrator role from the top-right corner Role field.

4. Navigate to Anti-SpamAn irrelevant or unsolicited email sent over for the purposes of advertising, phishing, spreading malware, etc. Engine > Domains Policies.
5. Choose a domain and click the icon to configure the domain's filtering options.
6. On the Quarantine Report option click Enable.