FortiMail, Spam Outbreak and Sandbox

Forum|Forum|5 years ago
December 10, 2020
1 reply
6281 views

HI,

i have a problem and i hope somebody can help me.

First: Fortimail 200E v6.4.3(GA), build437 Scan order : antispam-content-sandbox

Sandbox: 1000D v3.2.1,build0222 (GA)

Fortimail Antispam Config:

Now my problem is, i'm using Banned word and dictionary to filter special Words in the Emails and reject this,

now sometime he send first emails to the Spam Outbreak and after the period time the is checking for the banned words and after finding banned words, the send the emails to the System Quarantine.

This only happend after the Spam Outbreak, without Spam Outbreak he Reject the emails directly.

Why he send after Spam Outbreak Emails with banned word to the Quarantine and its possible to change it.

Thank you

Unbenannt.JPG

Jjchen_FTNT

Staff

Hi Alexander,

It's because after FortiMail accepted this email for outbreak defer, it no longer can reject it. To the remote MTA, the email has already been accepted by FortiMail. The Reject action will then fall back to System Quarantine.

Alexander_MuellerAuthor

New Member

HI,

yes, but how can i prevent that Fortimail accepted this emails, because with the others is working, only with a couple emails its not working

Jjchen_FTNT

Staff

Fortiguard spam outbreak happens before banned word, so in this case a suspicious email will be deferred first.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded