DescriptionEach and every history log contains one field called Classifier.
The Classifier field displays which FortiMail scanner applies to the email message. For example, “Banned Word” means the email messages were detected by the FortiMail banned word scanner.
The Disposition field specifies the action taken by the FortiMail unit. There are a total of 66 different types of classifiers to date at the time of this article being written (or 65 as "Virus as Spam" is obsolete and only before v4.3 release).
This article explains some of the common classifiers.
ScopeAll firmware.
SolutionBypass Scan on Auth
This means that the Email was not scanned since authentication is successful. This setting can be changed in the Antispam profile, under Scan Options "Bypass scan on SMTP authentication".
Session Domain
Recipient email domain unable to be resolved via configured DNS.
Session Limits
Total sessions exceeding the matching configured session profile under Connection Settings or SMTP limits.
Sender Reputation
A huge increase of emails sending from the same sender (IP address) causing it hit the sender reputation. Check on Session profile under "Sender Reputation".
Session Remote
Sessions are rejected by the remote sever and the FortiMail is just relaying this information to the sender and logging it. This only appears in Transparent Mode.
