Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
opetr_FTNT
Staff
Staff

Created on ‎06-20-2016 02:33 AM

Article Id 196174

Technical Note: Bounce verification and Out of Office messages

Description
When bounce verification is enabled some Out of Office messages are marked as bounce verification failed.
opetr_FD38879_tnb_FD38879-1.jpg

Solution
This behavior is correct.

The cause of this is that some mail servers do not use the sender's email address from SMTP envelope but use the sender's address from mail headers to deliver OoO.

The problem is that the email address in mail headers does not contain bounce verification tag, hence FortiMail does not have any opportunity to recognize this message correctly (and is marking it as bounce verification fail).

For example:
Correct
MAIL FROM:<>
RCPT TO:<prvs=<keyvalue>=sender@domain.tld>

Incorrect
MAIL FROM:<>
RCPT TO:<sender@domain.tld>
The OoO message should use 'prvs=<keyvalue>=sender@domain.tld' in RCPT TO, the problem is when 'sender@domain.tld' is used instead.

As a workaround, Bounce verification exempts can be created in 'AntiSpam > Bounce Verification > Tagging Exempt List or Verification Exempt List' for domains or hosts that are having the problem.
Other possibilities are to enable "Bypass bounce verification" on the session profile or domain.

5709
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.