FortiMail 200E Inbound Email Sender Reputation

Forum|Forum|9 years ago
March 17, 2017
1 reply
6186 views

I am slowly migrating from a Barracuda 300 to the FortiMail 200E. I am looking at the logs on the FortiMail 200E and noticed that all of the inbound emails show the same client IP address which happens to be the gateway address of the DMZ network in which the fortimail is installed in. The fortimail is in gateway mode and behind NAT.

I had Sender Reputation enabled until my client IP was getting scored high which delayed all inbound email. Is this normal behavior when installed behind NAT?

Could this also be related to the "Extract IP from Received Header" option that I enabled under my AntiSpam Profile?

emnoc

New Member

Most likely not.

The upstream firewall is probably SNAT'ing the clients behind that one-single address which as you indicated is defeating reputation scoring ;)

Flow trace the sessions and remove the SNAT.

nwillia09Author

New Member

Indeed removing the source NAT from my firewall policy resolved the issue. My logs are no longer masqueraded.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded