Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
nagarajs_FTNT
Staff
Staff

Created on ‎12-26-2022 10:38 PM Edited on ‎12-17-2025 02:57 AM By Staff

Article Id 240990

Technical Tip: Detect emails with an empty body

Description

 

This article describes how to use a DLP profile to detect emails with an empty body.

 

Scope

 

FortiMail v6.2.5 and above, v6.4.1 and above, v7.and above.

 

Solution

 

  1. Go to Data Loss Prevention -> Rule & Profile -> Rule. If the DLP is not enabled, check: Preventing Data Loss in FortiMail
  2. Create a new message scan rule.
  3. Create a new condition as below.

 

nagarajs_FTNT_0-1672068715083.pngnagarajs_FTNT_1-1672068740714.png

 

  1. Go to Data Loss Prevention -> Rule & Profile -> Profile.
  2. Create a new DLP profile.
  3. Create a new DLP content scan setting as below and select the scan rule created earlier.
  4. It is possible to select the required action profile for the scan rule.

 

nagarajs_FTNT_2-1672068785867.png

 

  1. Apply the new DLP profile to the IP policy:

 

ip_policy.png

 

Or a Recipient policy:

 

recipient_policy.png

 

 

Result:

The mail with an empty body is detected by the DLP profile, and the 'Quarantine' action is applied.

 

nagarajs_FTNT_3-1672068813170.png

977
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.