This cmdlet is available only in the cloud-based service.

Use the Preview-QuarantineMessage cmdlet to preview the contents of quarantined messages in your cloud-based organization. This cmdlet doesn't work on files that were quarantined by Safe Attachments for SharePoint, OneDrive, and Microsoft Teams.

Note: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see Connect to Exchange Online PowerShell.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.


       -Identity <QuarantineMessageIdentity>


You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.


Example 1

Get-QuarantineMessage -MessageID <> | Preview-QuarantineMessage

This example previews the quarantined message with the Message-ID value <>.

Example 2

Preview-QuarantineMessage -Identity c14401cf-aa9a-465b-cfd5-08d0f0ca37c5\4c2ca98e-94ea-db3a-7eb8-3b63657d4db7

This example previews the quarantined message that has the specified Identity value.



The Identity parameter specifies the quarantined message that you want to preview. The value is a unique quarantined message identifier in the format GUID1\GUID2 (for example c14401cf-aa9a-465b-cfd5-08d0f0ca37c5\4c2ca98e-94ea-db3a-7eb8-3b63657d4db7).

You can find the Identity value for a quarantined message by using the Get-QuarantineMessage cmdlet.

Default value:None
Accept pipeline input:True
Accept wildcard characters:False
Applies to:Exchange Online, Security & Compliance Center, Exchange Online Protection