Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
seshuganesh
Staff
Staff

Created on ‎04-23-2022 05:35 AM Edited on ‎05-22-2025 10:49 PM By Community Manager

Article Id 210215

Troubleshooting Tip: Alertmail queries

Description This article describes how to troubleshoot queries related to alertmail in FortiGate.
Scope FortiOS.
Solution

In this scenario, alertemail is already configured but nothing is received.

 

In case it is not configured, it is possible to follow this document and configure automation stitch as per requirement:

CLI script action

 

The flow of alertmail.

 

Initially, alertmail will be triggered, firewall will try to send email to the destination mail server as per the configuration made under System -> Settings.

 

  1. As soon as automation stritch is triggered, go to Log & report -> Events  -> System Events (saying that automation stritch is triggered).

  2. Verify the configuration of the email server, made under System -> Settings.

 

  • If port 25 is used, SMTP security must be set to none.
  • If port 587  or port 465 is used, SMTP security must be set to SMTPS or STARTTLS.
 

Once the changes have been made, it is still not possible to send an email:

Try to take a sniffer with that specific port:

 

diag sniffer packet any 'port 587 or port 25' 4 0 a

 

Observe the traffic flow, if it is going only outside and there are no IN packets, it means it is necessary to check at the next hop level.

  1. Run the alert email debug to verify if the email is sent successfully:

     


diagnose debug reset

diagnose debug enable

diagnose debug console timestamp enable

diagnose debug application alertmail -1

 

The final step is that there are some mail servers when the mail is coming from 'no reply' they will filter the emails.

 

It is possible to configure email from the field using this article under (automation system action):

Technical Tip: How to change the 'FROM' email address field when an automatic stitch is triggered

 

Note:

Starting with v7.4.4, the default email server has been switched from notification.fortinet.net to fortinet-notifications.com.

This default server is only available to registered devices with an active FortiCare support contract. The reply-to field in the source email is automatically updated to DoNotReply@fortinet-notifications.com for all servers, including custom ones.


Related documents:
Troubleshooting Tip: Email alert 

Technical Tip: How to enable the email alerts when the Interface is down and up

Troubleshooting Tip: Alert mail queries

Technical Tip: How to configure alert email settings
Labels:
3299
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.