Description | This article describes the case when an Email filter is used in Flow-based mode and the tagging does not work. |
Scope |
FortiGate, flow-based inspection mode. |
Solution |
In flow-based inspection mode, FortiGate can only block emails (of all protocols), even if the action is specified as a tag, then FortiGate will block the spam email.
This is due to the packet-by-packet nature of flow mode, when FortiGate detects a banned word, the email subject is already passed in a precedent packet, and there is no more chance to tag it.
This is why the FortiGate can only 'Block' on all protocols even SMTP, in flow mode.
# config smtp |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.