Technical Tip: API for Releasing System Quarantined Email Excluding Original Recipient

MFARRAG · ‎10-08-2024

Description

This article describes how to release system-quarantined emails from FortiMail using an API, excluding the original recipient and sending them to a different recipient.

Scope

Applies to FortiMail v7.4 build 586 and v7.6 build 664.

Solution

Ensure that the REST API is enabled on FortiMail, as it is disabled by default. Use the following commands to enable it:

config system web-service
set rest-api-status enable
end

To release the quarantine. To log in, use the following curl command:

curl -v -H "Content-Type: application/json" -X POST -d '{"name":"admin","password":""}' https://10.5.23.149/api/v1/AdminLogin -c cookie.txt <----- Replace admin and password with the relevant.

credentials.

To view the quarantined emails, run the following API call: https://10.5.23.149/api/v1/QuarantineMailDisplay

Set the parameters as follows:

{"reqAction": 1,"type": "system","folder": "Bulk","startindex": "0","pageSize": "50"}

The quarantined messages should be visible in the Bulk folder. Copy the Base Name (MMKEY) for the email requested to be released.

For example:

"1728392935.1433_276175_100688.011326#Q#498D8pwO005515"

Use the following API call to release the email: https://10.5.23.149/api/v1/SystemQuarantineRelease

Set the parameters as shown below:

{"folder": "Bulk","mmkey": "1728392935.1433_276175_100688.011326#Q#498D8pwO005515","otherEmails": "user2@API.COM",
"reqAction": 7,"excludeOriginal": true}

To verify, check the FortiMail Antispam logs, where the email will be marked as released to the configured recipient, excluding the original one.