Clear search
Close search
Google apps
Main menu

Set up and manage admin quarantines

As a G Suite administrator, you can configure policies and settings to quarantine messages sent to and from your organization. Quarantines can help prevent spam, minimize data loss, and protect confidential information. They can also help moderate message attachments so that your users don’t send, open, or click something they shouldn’t.

When a message is quarantined, it isn’t delivered to the intended recipient. Instead, it goes to the Admin Quarantine where you can do one of these actions:

  • Allow delivery of the message to the intended recipient

  • Deny delivery of the message

  • Do nothing

Messages sit in the quarantine for 30 days before they are automatically deleted.

What about senders and recipients of quarantined messages?

For a quarantined inbound message, the intended recipient receives no indication of the message unless you release it for delivery.

A quarantined outbound message appears in the sender’s Sent Items folder, but isn’t delivered to the recipient unless you release it from quarantine. If the sender deletes the message from their Sent folder after it appears in quarantine, it still remains in quarantine until you act on it, or until the 30 days pass.


  • You can only operate on quarantined messages from registered G Suite users.

  • Messages can only be quarantined for users, and not groups.

Set up and manage admin quarantines

You create quarantines and set up policies and settings in the Google Admin console. You can also choose to be notified periodically when messages are quarantined.

Add, edit, and delete quarantines

In the Google Admin console, you can:

  • Review current quarantines in place

  • Add new quarantines

  • Edit or delete existing quarantines

The quarantine settings include a default quarantine. You can’t edit the name or description, or delete this quarantine.

You also can’t delete a quarantine that's being used by one or more policy settings. To delete an active quarantine, go to the relevant setting and point it to a different quarantine. If you delete a quarantine, all existing messages in that quarantine are moved to the default quarantine.

To add or edit a quarantine:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console dashboard, go to Appsand thenG Suiteand thenGmailand thenAdvanced settings.

    Tip: To see Advanced settings, scroll to the bottom of the Gmail page.

  3. At the top, click Quarantines. The screen shows the quarantines currently in place.

  4. To add a new quarantine:

    1. Click Add Quarantine.

    2. Enter a name and description.

    3. For incoming and outgoing messages, choose whether or not to send a reject message to the sender when you deny delivery of a quarantined message.

    4. (Optional) Select Notify periodically when messages are quarantined.

    5. Click Save.

  5. To edit an existing quarantine, click Edit to the right of the quarantine name and make any updates.

To delete a quarantine:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. From the Admin console dashboard, go to Appsand thenG Suiteand thenGmailand thenAdvanced settings.

    Tip: To see Advanced settings, scroll to the bottom of the Gmail page.

  3. At the top, click Quarantines. The screen shows the quarantines currently in place.

  4. Click Delete to the right of the quarantine name and confirm. Any existing messages in that quarantine are moved to the default quarantine.
Configure policies to quarantine messages

In the Admin console, you set up and configure policies to quarantine messages using any of these Gmail settings:

For each setting, you can quarantine messages that match the configuration criteria and then select the quarantine for the selected messages. For the compliance and routing settings, you can also choose to notify your internal senders when their outbound and internal-sending messages are quarantined.

Manage quarantined messages

After setting up and configuring policies for a quarantine, you can review and act on the quarantined messages.

To open the Admin Quarantine:

  1. Go to the Admin Quarantine.

  2. Sign in with your G Suite username and password. You must have Gmail administrator privileges to sign in. Otherwise, you'll see an error message.

Inbound and outbound messages

Messages appear with the name of the quarantine and whether it's inbound or outbound.

If an inbound message includes multiple recipients, the message appears in the quarantine once for each recipient. For example, a message with 5 recipients appears in the quarantine 5 times, once per recipient.

By contrast, an outbound message that you allow to be delivered is quarantined only once before it’s delivered. Therefore, if you plan to quarantine internal mail, configure the quarantine to Internal - Sending, instead of Internal - Receiving. That way, only one message is quarantined before it’s delivered to the individual recipients.

Tip: To avoid filling the quarantine with a large number of messages, we recommend that you don't have large email lists open to receiving messages from the public.

View and manage quarantined messages

Action How to do it

View quarantined, allowed, and denied messages

By default, all quarantined messages appear in the list when you sign in. To sort the messages, click a label on the left. If you don't see the quarantine list on the left, click Menu Menu.

Only messages received in the last 30 days appear in Denied or Allowed. If you don’t act on or deny a message after 30 days, it’s automatically deleted from the quarantine.

View message content

Click the message in the list.

Search for messages

Enter a search term in the field. The search returns currently quarantined messages from the default quarantine and any quarantines you create. It doesn’t search Denied or Allowed messages.

The entire message is searched, including the sender and recipient address, subject, and message body. You can use advanced search operators to search a particular part of the message.

Allow delivery of one or more quarantined messages

Check the box to the left of each recipient name, and then click Allow.

If a user doesn’t see an allowed message in their inbox, ask them to search for the message in all folders, including the Trash folder.

Note: Some messages are so spammy that they're rejected at connection time. Those messages will not be routed to admin quarantine, even if you selected the "Put spam in administrative quarantine" option in your Spam setting.

Deny delivery of one or more quarantined messages

Check the box to the left of each recipient name and then click Deny. Click Deny again to confirm.

Notes on rejection notices:

  • When you deny a message, the quarantine either drops the message or sends a default rejection notice, depending on the currently selected quarantine.
  • If a message appears in multiple quarantines, the action taken depends on which quarantine is currently selected, even if the other quarantines are set up to perform a different action.
  • All messages appear in the default quarantine. If you reject a message in the default quarantine, the reject action that's been set up for the default quarantine is applied.

Bulk Action

When you begin selecting messages, the bulk action option becomes available. Unlike the Select All box, which only applies to messages in your current view, you can deny or approve all messages in the selected quarantine or search results using bulk action.

Send reject messages

If you choose to send a reject message when you deny a quarantined message, there are a few things to keep in mind:

  • If you deny an inbound message sent to multiple recipients in your domain, the sender receives a reject message each time you select a group of recipients to deny. To get around this, you can check the boxes for all message recipients so that the sender receives a single reject message containing the entire list of rejected recipients. If you don’t select all recipients and later reject other recipients, the sender receives a second notification.
  • Reject messages include the subject of the original message as part of the body of the reject message. Therefore, if the term that caused the original message to be quarantined appears in the subject, the reject message may also be quarantined when the message is denied, depending on if you set up the quarantine to include either Outbound or Internal - Sending messages.
  • If you deny an inbound group message, a reject message is not delivered to the sender. The reject message is simply dropped.
Receive quarantine alerts

If you select the Notify periodically when messages are quarantined option when you add or edit a quarantine in the Admin console, you'll periodically receive alerts when new messages are quarantined.

The quarantine alerts show the following for the quarantines configured to receive alerts:

  • The number of messages received for each quarantine.

  • The total number of messages quarantined during the notification interval.

You'll be notified of newly-quarantined mail within an hour of its appearance in admin quarantine. The frequency and timing of the alerts will vary based on how often new quarantined mail arrives, but will never be more than once hourly.

NOTE: It’s important to note that the quarantine summary report and Admin quarantine are not the same. Learn more.
Was this article helpful?
How can we improve it?
Sign in to your account

Get account-specific help by signing in with your G Suite account email address, or learn how to get started with G Suite.