A little more detail:
When a users reserved conference expires, the user gets an email from "conference.quickconf.<domain>.com".
So the email doesn't come from the users QC account but from the server itself.
The users Outlook then reports it as a phishing attempt.
Ralph