You are following the documentation on how to set up Email Quarantine:

Configuring the Enforce Server to sync with Email Security.cloud Email Quarantine

and

In step 2, the instructions state "... When Email Security.cloud receives the message, it inspects the relevant headers.  Based on these headers, it quarantines the message."

But you want to know how to set the required options in your Email Security.cloud account.

Release : 15.8

Component :

• Cloud Service for Email Response Rule
• Email Security.cloud Email Quarantine

DLP Cloud Service for Email customers in "forwarding mode" have the "Email Quarantine" feature in Email Security.cloud enabled as part of their service.

However, the configuration of the quarantine policy is actually a Data Protection configuration within Email Security.cloud.

In ClientNet (aka the Email Security.cloud portal), go to Dashboard > Services > Data Protection.

1. Click on "New Policy".
2. Set "Apply to" to "Outbound Email only".
3. Select "Quarantine" from the "Action" drop down.
4. Add Administrator email(s) as required.
5. Click "Add Rule".
6. The rule condition in this case should be "Content Keyword List".
7. You will need to create a new Content Keyword List for this action - the keyword in question is given at the DLP documentation page above: "X-dlp-uniquemsgid". When you save this new list the rule is updated with the header string.
8. Set the rule to "Look in" the "Header" of outgoing messages.