Technical Tip: Unable to send FortiToken email using custom smtp server starting 7.4.4

On FortiOS 7.4.4 and later, the reply-to has been set automatically to DoNotReply@fortinet-notifications.com in the email server settings. This will affect all SMTP servers, and even a custom SMTP server is included.

On a custom SMTP server like Office 365, it is necessary to have the same username and the same 'reply-to' sender. However, it will not be the same because the reply-to field is automatically changed to DoNotReply@fortinet-notifications.com once upgrading the device to v7.4.4 and later.

Here is the output on v7.4.4, the 'reply-to' option is no longer available and thus cannot be changed.

config system email-server

    set type custom                                          

    set server "smtp.office.365.com"

    set port 587

    set source-ip 0.0.0.0

    set source-ip6 ::

    set authenticate enable

    set validate-server disable

    set username "token@notify.fortinet.com"

    set password ENC ***

    set security starttls

    set ssl-min-proto-version default

    set interface-select-method auto

end

As a result, every attempt to send a FortiToken email will fail, and it will show the result of ‘buffer full'.

2024-05-24 12:32:34 sessionn 0xa16c070, SSL connected

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: ehlo, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: auth, code: 334

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: auth2, code: 235

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: mail, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: rcpt, code: 250

2024-05-24 12:32:34 session: 0xa16c070, rsp_state: data, code: 354

2024-05-24 12:32:34 buffer is full

2024-05-24 12:32:34 _session_on_destroy

2024-05-24 12:32:34 <== send mail failed, m = 0xa151cc0 s = 0xa16c070

Solution:

Use the default FortiGate SMTP server or in custom but set the same username to DoNotReply@fortinet-notifications.com.