Fortimail SMTP session question

Forum|Forum|1 year ago
November 7, 2024
1 reply
741 views

Hello. I’ve been receiving some spam lately, and I’ve noticed that during the SMTP connection, the sender's "from" domain does not resolve via DNS but the DNS resolvers are working properly. Additionally, since the domain is not resolvable aka. it does not exist , both SPF and DKIM checks fail. Shouldn't FortiMail block these emails during the SMTP session since I have the "Check Sender Domain" option enabled within the "Unauthenticated Session" settings? Any ideas or help its much appreciated. Thank you.

FortiGate

AEK

SuperUser

Hello Fexaac

Can you try enable DKIM and SPF checks in antispam filter instead? That should work if you do so.

On the other hand as per my understanding, the natural place of DKIM and SPF check should be (as per my understanding) in the antispam, not in session, even if there is a possibility to enable them in the session profile. Don't ask me why as it is a bit philosophical.

On the other hand and as you may know, the "from" domain is in two locations, the envelop from and the header from. The envelop from is the one checked with SPF, and the header from is checked with "sender alignment" option in antispam. I always enable that one because some spam mails play on the header from.

I also mean if the "header from" doesn't exist, it doesn't affect the SPF or domain check in the session profile, because the session profile checks the "envelop from" (if I'm not wrong).

Hope it helps.

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded