FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes a behavior observed after upgrading to v7.4.7, where system-generated emails (such as FortiToken delivery) are sent with a MAIL FROM address that matches the MAIL TO address. This occurs when no username is configured in the custom SMTP server settings.
Scope
FortiGates running v7.4.4 and above, using a custom SMTP server without SMTP authentication credentials.
Solution
Starting from v7.4.4, Fortinet introduced a change in the default email notification behavior. This includes all system-generated emails, even when using a custom SMTP server.
Key behavior:
If no SMTP username is configured, the system sets MAIL FROM equal to MAIL TO.
The reply-to field is automatically set to DoNotReply@fortinet-notifications.com, and cannot be customized.
If a username is configured, the MAIL FROM will be set to that username.
To override the behavior and define a specific sender, configure SMTP authentication with a valid email identity.
CLI Example:
config system email-server set server "smtp.yourdomain.com" set security starttls set authenticate enable set username "noreply@yourdomain.com" set password ENC <encrypted_password> end
After applying these changes, FortiGate will send emails using the username as the MAIL FROM value, restoring the expected behavior for FortiToken and other email-based features.
