Technical Tip: Blocking outbound emails to specific domains

Description

This article describes how to block outbound emails to specific domains using FortiGate. The user needs to configure a recipient policy and content profile to discard or reject emails sent to a particular domain.

Scope

FortiMail.

Solution

To block outbound emails to a specific domain, follow these steps (for example, the company is using example.com.usa, but the old domain is example.com):

1. Go to Policy -> Recipient Policy and create a new policy (could be outbound, but it works for inbound as well).

2. Configure the policy to match the domain that needs to be blocked, for example, .*@example\.com$.

3. Go to Policy -> Content Profile and create a new profile.

4. Configure the profile to discard or reject emails that match the domain.

5. Apply the content profile to the recipient policy created in step 1.

6. Test the configuration by sending an email to the blocked domain and verify that it is rejected or discarded.

Alternatively, administrators can also use an access policy to block outbound emails to a specific domain. To do this:

1. Go to Policy -> Access Policy and create a new policy.

2. Configure the policy to match the domain that needs to be blocked, for example, .*@example\.com$.

3. Set the action to REJECT or DISCARD.

4. Test the configuration by sending an email to the blocked domain and verify that it is rejected or discarded.

This is common for companies what already changed old domains and migrated to new ones, and users confuse destination domain.