Explorer

Solved

Fortimail personal quarantine

Forum|Forum|3 years ago
July 7, 2022
4 replies
6197 views

Hello,

Fortimail in gateway mode(DMZ)
I want to create Fortimail personal quarantine for all users in a domain.
Do I need to connect Fortimail to AD LDAP and than configure personal quarantine?
I have 1000 domain(exchange) users.
Any advice how to do create personal quarantine
Thank you

FortiMail

Best answer by AEK

You don't need to configure LDAP on FML to setup personal quarantine on FortiMail.

In your filtering profile(s) just set the action of a failed check (or default action) to PersonalQuarantine and then your FortiMail will send automatically any quarantined mail to the recipient's personal quarantine folder on the FortiMail.

You can then, as admin, either release it manually, or setup FortiMail to send to each recipient a notification mail and allow him (or not) to release the quarantined mail by himself.

As per my experience in general cases you don't need to connect your FortiMail to LDAP, except in few special cases for some special needs.

Anthony_E

Staff

Hello Andy,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,

Best Regards

Anthony_E

Staff

Hello Andy,

I have foud this documentation:

https://docs.fortinet.com/document/fortimail/7.2.0/administration-guide/907026/managing-the-quarantines#:~:text=Personal%20quarantine,-Quarantines%20email%20messages&text=The%20FortiMail%20unit%20periodically%20sends,See%20Managing%20the%20personal%20quarantines.

Could you please indicate me if it helped?

Regards,

Best Regards

Markus_M

Staff & Editor

Adding to Anthony, the user DB where your users are, will be important. If your users are all on LDAP, then create an LDAP lookup. The FML should be able to do the LDAP user lookup such that you can log in with an LDAP user. The user's quarantine mailboxes should then be automatically created, so they can work with them.

Alternatively, you can configure to have every user simply have an email sent once there is a quarantined message or as summary every day per schedule.

A user can click on icons in that email to release an email if needed. Example mail attached as screenshot.

Best regards,

Markus

2022-07-12-19-53-36.png

Andy3Author

Explorer

Thank you very much.This is really very useful information.

If I understood correctly I need to connect Fortimail to LDAP and automatically users can log in to Fortimail and have personal quarantine?

And what about this second option that every user have an email sent once a day summary for quarantine messages.Is this option posible without LDAP connection?How to configure this option.

Thank you once again

AEK

SuperUser

Hello

No need to connect with LDAP for that.

Any mailbox (even not existing) that receives a mail that is quarantined by FML will a personal quarantine set created for it.

AEK

Andy3Author

Explorer

I'm not sure I know what you mean.Is there any additional information.
Thank you in advanced

AEKAnswer

SuperUser

You don't need to configure LDAP on FML to setup personal quarantine on FortiMail.

In your filtering profile(s) just set the action of a failed check (or default action) to PersonalQuarantine and then your FortiMail will send automatically any quarantined mail to the recipient's personal quarantine folder on the FortiMail.

You can then, as admin, either release it manually, or setup FortiMail to send to each recipient a notification mail and allow him (or not) to release the quarantined mail by himself.

As per my experience in general cases you don't need to connect your FortiMail to LDAP, except in few special cases for some special needs.

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded