Using The Quarantine Reports
Quarantine reports in EDS can be scheduled for delivery at specific times, with a minimum frequency of once per day and a maximum of four times per day.
In the quarantine report, you will find a legend that quickly summarises the meaning of the different results, as well as a table listing all messages quarantined for a specific user and their aliases (such as groups, distribution lists, or secondary addresses).
Each message displays the date and time, sender, recipient, subject, EDS’s risk level, and the main reason the message was quarantined (e.g. ‘Infected’).
Users who receive a quarantine report can perform a set of actions on each message depending on the permissions assigned to them. In general, users can either release quarantined messages themselves or request that an administrator release the message.
The content of the report is not cumulative, meaning it will only display newly quarantined messages that were not included in previous reports.
If no new messages have been quarantined when the report is scheduled for delivery, no report is sent. Therefore, every report delivered to a user will contain at least one new quarantined message.
Below we can see an example of a quarantine report:
In order to perform any of the available actions from the Quarantine Report, users must authenticate or already be signed into EDS.
Authentication can be completed by either using our passwordless authentication feature or by leveraging the integrations available in EDS to authenticate with your existing credentials (for example, if the user is from M365, EDS will allow them to use those credentials).
Password-less Authentication
Passwordless authentication is one way to sign into EDS and perform actions from the Web UI or directly from the Quarantine Report.
Below are the steps to complete passwordless authentication:
- Click on the ‘Click here for passwordless authentication’ link at the top right of the Quarantine Report.
- This will open an EDS page where you can send a confirmation email to your mailbox. Press the ‘Send email’ button.
- After pressing the button, a new message will be sent to you. This message contains a link to authorise your device.
- Once the device has been authorized the user will find himself logged into EDS and he will be able to perform actions from the Quarantine Report
Quarantine Report Actions
Depending on the permissions assigned to your EDS account, you will be able to perform different actions for each quarantined message directly from the Quarantine Report by clicking the corresponding link.
To perform any action, the user must be authenticated in EDS. If not already authenticated, the action link will redirect the user to the login page. The available actions include:
- View: View the body of the message directly in EDS.
- Ask to release: Send a request to an EDS administrator to release the message. You may be asked to provide a reason for the release.
- Release: Release the message on your own. EDS will generate a new copy of the message, which will be sent to the recipient without being sanitised. This should only be done for messages you are certain are false positives.
- Release & Welcomelist: Similar to ‘Release’, but a Welcomelist entry is also created for the sender to the recipient of the message.
- Blocklist: Create a Blocklist entry in EDS for the sender to the recipient of the message. Blocklisted messages are automatically quarantined.
Authenticate Into EDS
As a user, you can log into the service and perform several actions, such as:
- Search and view both clean and quarantined messages for all the addresses you manage.
- Release or request the release of quarantined messages.
- Compose new messages or reply to existing ones (useful for email continuity).
- Manage your Welcomelist and Blocklist entries.
To access your EDS login panel, go to <your-EDS-fqdn> (e.g., demo.esvacloud.com) and authenticate.
If your account is integrated (for example, via Microsoft 365), you can enter your email address, and you will automatically be redirected to the integration login page (Microsoft or Google). From there, you can log in with your corresponding credentials and will be redirected back to EDS, where you will be logged in.
If your account is integrated via LDAP, you can use the same username and password as your domain credentials. In this case, no redirection occurs.
If you are a local EDS user, you can use the username and password provided by the Administrator or the person who created the account.
In EDS’s Search, the default view displays all messages, including those that were rejected or deferred at the SMTP level.
You can filter the type of messages shown or searched using the drop-down menu, allowing you to display only specific types of messages, such as Clean messages.
In the Search function, you can filter messages, and by clicking the ‘eye’ icon on the right of a message, you can view its body and perform various actions based on your user privileges.
For example, when a message is opened, the available actions—such as reply, forward, release, etc.—will be displayed at the top. Users will see different actions depending on their permissions.
EDS also offers email continuity, allowing users to reply to messages directly from EDS’s interface or compose a new message from any of the addresses they manage.
If a user manages multiple addresses, they can select the ‘From’ address using the drop-down menu.
