Emails that were considered "high risk" in Fortisandbox, Fortimail is letting it go.

Forum|Forum|5 years ago
February 23, 2021
1 reply
2971 views

Good day * There are emails that the FORTISANDBOX has classified as high risk, low risk, malicious; However, FORTIMAIL is classifying it as 'Not Spam' or 'Safe System', despite the severity it presents, it is letting it pass. What is the reason that FORTIMAIL has accepted it, despite the severity that FORTISANDBOX classified it? The logs were reviewed and they do not indicate if the email is malicious or high risk. The domains or emails that are included in the "safe list" of FORTIMAIL, are not going to perform any scan analysis? because in the logs it is observed that despite the severity they are letting FORTIMAIL pass.

abelio

SuperUser

Hi,

whitelisting domains or address is a last resource strategy, not a toy to play with.

Is important to solve email traffic using the several antispam layers available.

If fortisandbox is well integrated and configured with fortimail, an infected email will not pass.

But, if you whitelist domains or e-mails addresses widely, all your efforts will be, literally, wasted

angie1996Author

New Member

gracias por su respuesta amigo. Por lo que me dices, entiendo que si los dominios estan en la lista blanca a pesar que el fortisandbox los catalogue como peligrosos, entonces el fortimail los dejara pasar porque estan incluidos en la lista blanca del fortimail por lo tanto no toma ninguna accion. estoy en lo correcto?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded