With regard to email security, sandboxing is an advanced threat protection technique which offers an added layer of defense such that any email that passes through an email spam filter and still contains unknown URL links, file formats, or suspicious senders can be tested before being delivered to your mail server.
In sandboxing, you create an isolated test environment, called a sandbox, in which execute a suspicious attachment or URL that is attached to an email or otherwise reaches your network. You then observe what happens once it is executed. If the attachment or URL displays malicious behavior, then you have discovered a new threat. The sandbox must be a secure, virtual environment that accurately emulates the CPU of your production servers.
Sandboxing is particularly effective at protection against zero-day attacks or zero day threats as these are new threats that are yet to be identified by email spam filters.