Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
nagarajs_FTNT
Staff
Staff

Created on ‎12-26-2022 10:38 PM Edited on ‎01-30-2024 02:53 AM By Community Manager

Article Id 240990

Technical Tip: Detect emails with an empty body

Description

 

This article describes how to use a DLP profile to detect emails with an empty body.

 

Scope

 

FortiMail - Version 6.2.5 and above, 6.4.1 and above, 7.X versions and above.

 

Solution

 

1) Go to Data Loss Prevention -> Rule & Profile -> Rule.
2) Create a new message scan rule.
3) Create a new condition as below.

 

nagarajs_FTNT_0-1672068715083.pngnagarajs_FTNT_1-1672068740714.png

 

4) Go to Data Loss Prevention -> Rule & Profile -> Profile.
5) Create a new DLP profile.
6) Create a new DLP content scan setting as below and select the scan rule created earlier.

 

7) It is possible to select the required action profile for the scan rule.

 

nagarajs_FTNT_2-1672068785867.png

 

8) Apply the new DLP profile to the policy accordingly.

 

Result :

The mail with an empty body is detected by the DLP profile and the 'Quarantine' action is applied.

 

nagarajs_FTNT_3-1672068813170.png

689
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.