Mastering Admin Email Quarantine for Google Apps for Work

The purpose of Admin Quarantines for administrators is to moderate messages or enforce message flows that meet an organization’s criteria for email security.  Previously, the Admin Quarantine feature was offered within Postini. But now, Google Apps users can use this feature.

Policies for Admin Quarantine can be configured by the administrator to stop delivery of a suspect message to the intended recipient.  The suspect messages will then be stored in the administrator’s Quarantine Review Console where the administrator can decide which message will be delivered after the review process.

For example, the administrator can quarantine all of a user’s inbound and outbound email messages, and then the admin can approve or deny after the audit process.

Here’s how:

  • Go to Google Apps Admin Console, and move to [Apps > Google Apps > Gmail > Advanced] settings.
  • Click on [Quarantine] tab. Then Click on a [Add] Button on the left side to pop up “Add Quarantine”.  
  • Enter a name, and description for the quarantine web page.

  • Click on [General Settings] tab. Then scroll down to the ‘Content compliance’ section: .


  • Click [Add Another] to add a new setting.
    (the “Add setting” dialog box will appear. If this is first quarantine, you will find “Configure” button).

Screen Shot 2015-04-20 at 10.31.00 AM.png
  • On a Content Compliance pop-up window, check everything under the “1.Email messages to affect” to make all kinds of messages being under the control of this feature. including  inbound and outbound messages .
  • And choose [IF ANY of the following match the message].


  • Then add “Expressions” for sender and recipients.

For Recipient:
Choose “Advanced content match”, and location as “Recipient header”, Match type “Contains text” and Content as domain name so the system detects by email header and contents of domain users ( here, as a sample domain).


For Sender:
Likewise, choose “Advanced content match”, and location as “Sender header” this time, Match type “Contains text” and Content as a domain name so the system detects by email header and contents of domain users.


For #3 in a Content Compliance pop-up, Select [Quarantine messages] and choose the quarantine name, which has been created. After this, emails will be stored in a quarantine web page.


Lastly, #4 Options; You can create an exception to bypass this rule. Click [Add] and enter the email address that this rule doesn’t apply. Click on [Save] button to complete.


It will take a few hours until the content compliance with Admin Quarantine is activated. Admin can review and act on messages in the Quarantine Manager website at

Select the quarantine web page name and it will fetch the list of email messages.  You can select the email message to look at the contents and select [Allow], or [Deny] of message delivery. If [Allow] is selected, messages will be delivered to the intended recipient. If [Denied], the message will be deleted and not be delivered.



  • Another example
    If you want to reject an email user to send email, you can set up a rejection rule in a Content Compliance.  For example, this user above is forbidden to send email to internal and external users.  This user will obtain a pop-up in his gmail with a rejection notice.


In summary, The Email Quarantine is a powerful tool for administrators to control email flow in organizations. This feature can be used for spam filtering, email archiving, message auditing, or even for tweak email communications.

Join Netkiller’s weekly webinar for Google Apps and Cloud solutions. Click here to check the agenda and register today. We look forward to seeing you online on Wednesday!

Your Netkiller Team


Contact us