Topics Map > Features and Functionality
Microsoft 365 - Proofpoint Threat Response
Important: Automated message remediation via TRAP is currently disabled pending further analysis and testing.
What causes this scenario?
- All messages are scanned at the email gateway for malicious content and if they don't match any known threats are delivered to your mailbox.
- After delivery, Proofpoint Targeted Attack Protection determines that the content of the message (ex. links) is actually malicious and removes the message from your mailbox.
- In a small number of instances, further review determines that the message is safe and the message is forwarded back to your mailbox. This is considered a false positive.
- The message appears in your inbox as a forwarded message from the Proofpoint mailbox.
What address will the message come from?
The quarantined message will come from: "Quarantine Proofpoint <proofpoint-quarantine@wisc.edu>"
What other content is added to the forwarded message?
The message will contain the following text:
|
Message has been released from quarantine This email has now been released from quarantine by Proofpoint Threat Response based on the IT Email Security policy. |
What can you do with this email?
The message will appear like any other forwarded email you have received in the past. If you want to reply to the original sender of the email, you will need to find the original sender's email within the message and forward the message to this address.
If you reply to the message, remember to remove "Quarantine Proofpoint <proofpoint-quarantine@wisc.edu>" recipient address before sending the message.