Office 365 is configured to quarantine messages that appear harmful to users. Sometimes your message will be held incorrectly and you will need to release it manually. You can review and release selected messages by going to Quarantine Page. You will need to be logged into your Office 365 account to view these held messages.

Once you are logged in, you will be taken to the Threat Management Portal where your messages are held (click the image for a larger version). You will see instructions for reviewing, releasing and blocking these messages. Your Office 365 administrator will configure your tenant to delete these messages automatically after holding them for (x) days. You will want to review the Threat Management Portal daily.

Please be cautious when releasing these messages. They may contain harmful content.

https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69006172111/original/H91e7FNu0A89zmTrYGxN0H1GG9uf9wcNig.png?1628432000

If you are expecting a message and it doesn't show up, be sure to check the Threat Management Portal. There are certain technologies that trigger the quarantine rules.  Email automation tools such as SendGrid, MailChimp, Constant Contact, etc. are used to distribute bulk mail and get caught more often than others. These same tools are used to distribute 2FA codes and password reset information also.

Read more by going here Threat Management Portal