2024-06-17

1 new Feature - M365 Quarantine Management
2 new Feature - M365 Message Trace
3 Enhancement - M365 Installer updates and new look
4 Enhancement - Known External Senders Dashboard Visual Cues
5 Enhancement - Child team API Access reporting in Partner Center
6 ENHANCEMENT - Pivot Enhancements

2024-06-17

These updates will be rolling out to all customers by June 19th, 2024.

new Feature - M365 Quarantine Management

If you notice any issue when releasing messages from INKY’s Quarantine, please report to support@inky.com.

INKY has always worked directly with the M365 Quarantine to ensure that all of your messages are maintained within the M365 ecosystem. With Microsoft’s Secure by Default push over the last couple of years we’ve heard request to have more control over the handling of what is in M365’s Quarantine and who put it there, INKY or Microsoft.

Get started with the INKY Quarantine feature by ensuring that the Setup & Maintenance Access API privilege is enabled https://app.inkyphishfence.com/settings/api-access. This access is required to interact with the M365 quarantine.

Once the permission is accepted navigate to https://app.inkyphishfence.com/quarantine to view the list of messages currently in the M365 Quarantine and their status.

Selecting any message will provide the initial details and optionally allow the admin to Preview the message.

Previewing the messages returns the content of the email’s body, as well as the Raw Headers for your review.

At the bottom of the preview an admin can “Release from Quarantine” if they deem appropriate.

When a message is released from Quarantine it may receive a “Released from Quarantine” Threat Category within the INKY Banner. This helps notify the recipient that the message was in Quarantine and even though it may still be initially graded as dangerous normal delivery routing may not apply and always be sent to the inbox.

Finally, if you’d like to filter on all messages that INKY specifically sent to the quarantine you can do so in the normal message list view using a filter. Once you’re on a message that needs to be released from quarantine you can use the Remediation Actions drop down to release directly from there.

new Feature - M365 Message Trace

M365 Message Trace has always been a fundamental way to debug any Microsoft or INKY routing concerns. This new feature now allows you to run a message trace for M365 messages directly within the INKY Console.

Get started with the INKY Message Trace feature by ensuring that the Setup & Maintenance Access API privilege is enabled https://app.inkyphishfence.com/settings/api-access. This access is required to interact with the M365 message trace commands.

Navigate to https://app.inkyphishfence.com/settings/tools and select “Open Message Trace” which will bring up the required parameters to search Microsoft for a given message. Include the appropriate Message ID and Recipient Address then Select Search.

You’ll now see a list of all of the steps a message took through M365 and if it even made it to INKY.

At the bottom of the message trace page, you can copy everything to a clipboard or download the CSV so you can share as needed.

Additionally, if you’re on the Message Detail View you can use the “…” and select the Message Trace option to run a trace for that message immediately.

Enhancement - M365 Installer updates and new look

The M365 installer is getting a slightly different look, which you’ll see in the video below, as well as the backend processing becoming more robust.

There is also a new option to add all users to the IPW-Group on install, that you’ll see as a checkbox option within Step 2.

Enhancement - Known External Senders Dashboard Visual Cues

If a message had a Known External banner, you’ll now see it within the INKY Dashboard and have this text if and only if the message was neutral, from internal or known external, and the "blue banner setting" was enabled at the time of analysis.

Enhancement - Child team API Access reporting in Partner Center

Found on the Partner Center summary page you’ll now see an overview of the API Access grated on each team. Hovering over the cell for the appropriate team will show you the dates the API Access was granted for each one, or not granted if applicable.

ENHANCEMENT - Pivot Enhancements

Pivots from a Message Detail view allow you to build new list based on the selector chosen. We’ve recently enhanced this feature to support pivoting from a deep link message detail view (typically found in report links) and pivot off the Sender IP Address.

Clicking on the star's icon will from within a single message view will allow you to pivot back to the Message List for the particular option selected.
Pivoting off a Sender IP address is now supported.