Cymraeg
Hwb

Email Quarantine

Information

Suggested audience: School digital champions, ICT Co-ordinators, Network Managers, local authority technical teams.

Email sent to Hwb users can be quarantined for various reasons. This is automated by our security policies which check many factors when deciding whether the email is clean or should be marked as malicious (spam or phishing). Malicious emails are placed in quarantine to prevent risk to the system and user accounts.

Common reasons for email being flagged as malicious include:

  • Misconfiguration of sender email systems
    Failure to pass industry standard security checks (SPF, DMARC and/or DKIM) result in the email not being trusted.
  • Forwarded emails
    Emails forwarded from another system can break the security chain as the email appears to be coming from a different sender.
  • Sender is on blocked list
    The sender, or the sender’s domain, may be on the Hwb’s blocked list due to previous attacks, or they may have been added to the individual’s blocked senders list on their mailbox.

Non-learners will receive an email notification if they have been sent any email that has been suspected of being SPAM or phishing and placed in quarantine. The notification will show what emails have been quarantined in the last day and include a link to the quarantine portal to view all the quarantined email from the past 30 days. 

Depending on the quarantine reason, actions can be performed on the quarantined email directly from the notification or from the quarantine portal:

  • Preview message - You can preview any of the emails in the quarantine portal to help you decide if they need to be released or deleted.
  • Release (for SPAM emails only) - You can release an email flagged as spam, which will deliver it to your mailbox.
  • Delete message - This will delete the email from the Hwb system and remove it from the quarantine portal. This cannot be undone. Emails will be automatically removed from the quarantine portal after 30 days.

Emails quarantined as suspected phishing need to be requested for release by contacting the Hwb Service Desk.  This is to ensure that the emails have been properly checked and deemed safe - Hwb support can also provide additional information on why they were quarantined.

Only emails you are expecting from trusted senders should be released or requested for release.  You can use the preview option to help you decide if an email is required and safe.

If you are unsure how to tell if an email is malicious, please read our Phishing page.

  • First published 06 October 2023
  • Last updated 06 October 2023