Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rvillaroman
Staff
Staff

Created on ‎05-24-2024 12:50 AM Edited on ‎11-05-2024 10:25 PM By Community Manager

Article Id 317048

Technical Tip: Unable to send FortiToken email using custom smtp server starting v7.4.4

Description This article describes that the reply-to option on the email server is no longer available on v7.4.4.
Scope FortiGate v7.4.4
Solution

On v7.4.4 and later, the reply-to has been set automatically to DoNotReply@fortinet-notifications.com in the email server settings. This will affect all SMTP servers, and even a custom SMTP server is included.

 

On a custom SMTP server like Office 365, it is necessary to have the same username and the same 'reply-to' sender.

However, it will not be the same because the reply-to field is automatically changed to DoNotReply@fortinet-notifications.com once the devices are upgraded to v7.4.4 and later.

 

Here is the output on v7.4.4, the 'reply-to' option is no longer available and thus cannot be changed.

 

config system email-server

    set type custom                                          

    set server "smtp.office.365.com"

    set port 587

    set source-ip 0.0.0.0

    set source-ip6 ::

    set authenticate enable

    set validate-server disable

    set username "token@notify.fortinet.com"

    set password ENC ***

    set security starttls

    set ssl-min-proto-version default

    set interface-select-method auto

end

 

As a result, every attempt to send a FortiToken email will fail, and it will show the result of ‘buffer full'.

 

2024-05-24 12:32:34 sessionn 0xa16c070, SSL connected

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: ehlo, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: auth, code: 334

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: auth2, code: 235

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: mail, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: rcpt, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: data, code: 354

2024-05-24 12:32:34 buffer is full

2024-05-24 12:32:34 _session_on_destroy

2024-05-24 12:32:34 <== send mail failed, m = 0xa151cc0 s = 0xa16c070

 

Solution:
The issue is resolved in v7.6.1 and in v7.4.5 which is tentatively scheduled to be released by the end of August 2024. Contact Fortinet Support for any queries regarding the software release outlook.

Workaround:

Use the default FortiGate SMTP server or in custom but set the same username to DoNotReply@fortinet-notifications.com.

 

smtp.PNG

 

Note:  

To use the default Fortinet email server, it is necessary to register the device on FortiCare support and have an active contract.
4147
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.