Created on
ā11-23-2021
10:28 PM
Edited on
ā06-16-2025
12:05 AM
By
Jean-Philippe_P
Description | This article describes how to troubleshoot Email alerts not able to be sent out via default email alert settings. |
Scope | FortiGate. |
Solution |
Make sure to have a working WAN link to send out the email. Do a test ping to the default mail server: notification.fortinet.net or fortinet-notifications.com
execute ping fortinet-notifications.com
Check the existing configuration in FortiGate.
Below is an example of default settings:
get system email-server
In some cases, it is necessary to configure the interface manually:
set interface-select-method
When the custom email server is used on FortiGate to send the emails out from the FortiGate for purposes like FortiToken Activation Email or Email Alerts, the emails may not be received on the user side.
Check the connection to the Email Server:
exe ping <SMTP server IP>
config system email-server ... set source-ip {ipv4-address} ... end
Run the alert mail debugs:
diagnose debug reset
diagnose log alertmail test
Note: This test will send out the test mail to the email address that is configured in the alertmail setting ('conf alertmail setting'). If it is not configured, no emails will be sent out.
Refer to this article to configure it: Technical Tip: How to configure alert email settings.
Troubleshooting:
If that is not set, the debugs will show 'send mail success', but the mails will not be received.
config system email-server set server "<Email server IP>" set reply-to "admin@example.com"
If any failures or errors show in the debugs, check for the following things:
diagnose sniffer packet any 'host <server IP> and port <port no>' 4 0 l
If the issue persists, collect all the debugs and the output of the above commands and submit them to the TAC ticket along with the configuration file of the FortiGate.
Then, disable debug:
Save the output either by downloading it via the CLI window or using the Putty tool to log it, to attach the debug logs to the case for TAC review.
Output of the Email Alert Debug: The debug below shows the important messages to check during the troubleshooting:
diagnose debug enable diagnose debug console timestamp enable diagnose debug application alertmail -1 2024-11-25 00:04:42 Arrived msg(type 8, 818 bytes):XXXXXX@gmail.com <- User's email. "EEIJEOT7WMAVXDHV" Alternatively, use the attached QR code image to activate your token with the "Scan Barcode" feature of the app. FortiGate 2024-11-25 00:04:42 mail_info:
Note: In some alert emails debugs the below logs can also be seen:
2024-12-31 10:19:58 connecting to 10.10.110.39 port 587
The above error is seen when using an SSL-enabled security mode under the email-server settings as follows:
config system email-server
To bypass this error, use 'set security none'.
Note: In some cases, it is possible to see an error with 'code: 530', which will ideally state that the issue is with the server, specifically, that the client would not be successfully authenticated by the server. This can also be confirmed by taking a packet capture in the firewall for the port that is being listened to by the email server.
024-09-02 21:53:38 create_ssl: 0x7f9561385000
Note: In the alertmail debugs, check whether the sender and receiver email addresses are different. Sometimes, if the sender and receiver email addresses are the same, the email server blocks the email send request. See the example logs below where the sender and receiver email addresses are the same:
WIG-FGT-01 (global) # Arrived msg(type 6, 83 bytes):sajeermkit@gmail.com AuthCode: 240126 mail_info:
Note: Starting from v7.4.4, the default email server has been switched from notification.fortinet.net to fortinet-notifications.com. This default server is only available to registered devices with an active FortiCare support contract. The reply-to field in the source email is automatically updated to DoNotReply@fortinet-notifications.com for all servers, including custom ones.
Technical Tip: How to configure alert email settings Technical Tip: Unable to send reports or activation email from FortiGate Troubleshooting Tip: Alertmail queries Technical Tip: Unable to configure 'Default Reply To' via GUI and CLI |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.