Restoring Quarantined Emails - End-User Experience

After the administrator approves an end-user request to restore an email from quarantine, Harmony Email & Collaboration performs these actions:

  • Removes the quarantine/clean email notifications received for the quarantined email from the end-user mailbox.

  • Adds the original email to the end-user mailbox, where the email received time is the restore time of the email from quarantine, but not the original email sent time.

This example shows the initial email received by the end-user.

This example shows the same email received by the end-user after the administrator approved the restore request.

Note - The initial email received by the end-user is removed and the restored email gets delivered as a new email to the end-user mailbox. The email received time is the restore time of the email by the administrator, but not the original email sent time.

Who Receives the Emails Restored from Quarantine

  • Emails quarantined by Check Point:

    • Depending on the configured workflow, Harmony Email & Collaboration delivers the email only to the requesting user or to all the original recipients.

      • If the user restores the email without administrator approval, Harmony Email & Collaboration delivers the email only to the requested user.

      • If the administrator releases the email from quarantine, Harmony Email & Collaboration delivers the email to all the original recipients of the email.

  • Emails quarantined in Microsoft:

    • Harmony Email & Collaboration delivers the restored emails to all the original recipients regardless of whether it is restored by the user or the administrator.

Notifying End Users about Rejected Restore Requests

To notify end users when their quarantine restore requests are rejected:

  1. Go to Security Settings > User Interaction > Quarantine.

  2. In the Restore Request Feedback section, select the Notify users when their restore requests are declined checkbox.

  3. To configure the sender email address for notifications, do these:

    • Friendly-From name

      • If no friendly-from name is required, select None.

      • To use a customized name, select Custom and enter the sender name.

    • From address

      • To use the default email address, select Default. The default email address is no-reply@checkpoint.com.

      • To use a custom email address, select Custom and enter the email address.

    • Reply-to address

      • To use From address as the Reply-to address, select Same as From address.

      • To use a custom email address, select Custom and enter the email address.

    Note - If you use custom email address:

    • The domain must be one of the domains included in your organization's Microsoft / Google account.

    • You must add the Check Point include statement to the domain's DNS. The custom address won't take affect until the include statement is available in your organization's DNS.

  4. Click Save and Apply.

Note - This will also enable end user notifications for approved and rejected phishing reports. See Reviewing User Reported Phishing Emails.

To configure the notification subject and body:

  1. Go to Security Settings > SaaS Applications

  2. To configure the notification for Office 365 Mail, click Configure for Office 365 Mail.

  3. To configure the notification for Gmail, click Configure for Gmail.

  4. Scroll-down to Advanced and edit these templates:

    • Decline message subject

    • Decline message body