FortiMail
eferreira_FTNT
Article Id 195265

Description

 

This article describes how to enable the personal (per-recipient) quarantine report and how to troubleshoot problems related to it.


Scope

 

FortiMail quarantine report.


Solution

 

The FortiMail can be configured to send personal quarantine reports to some or all users. To enable this feature, there are three settings in the FortiMail configuration that have to be enabled:

  1. Under Domain & User -> Domain, select the correct domain and select Edit, expand the 'Advanced Settings' option, select 'Quarantine Report Setting', and enable 'Original recipient' under 'Report destination'.

  2. Enable 'Send quarantine report' under the 'Resource Profile' that is being applied as the default to the recipient-based policy that matches the incoming traffic.

  3. Enable 'Receive quarantine report' under User -> User Preference.

 

How to test it:

Once the personal quarantine report has been enabled in the 3 steps described above, FortiMail will automatically start sending the reports to each recipient according to the schedule configured under Security -> Quarantine -> Quarantine Report.

 

For testing purposes, it is also possible to manually force FortiMail to send the quarantine report to a specific recipient at any time. Go to Quarantine -> Personal Quarantine, select any user that has received spam emails recently, select 'Send Quarantine Report to…' and then select 'Selected users'.

 

The Mail Event logs should show two entries like the following:

 

'Quarantine report: found X Messages for User: user2@test.lab to (user2@test.lab) (Scheduled)'
'to=user2@test.lab, delay=00:00:04, xdelay=00:00:00, mailer=esmtp, pri=0, relay=test.lab. [x.x.x.x], dsn=2.0.0, stat=Sent (q9IJYANc001298-q9IJYANe001298 Message accepted for delivery)'

 

The first log indicates that FortiMail is about to send the spam report to the recipient user2@test.lab. The second log indicates that the quarantine report email was sent.

 

Most common problems:

If the recipient does not receive the spam report after the test above, the Mail Event logs will show if FortiMail had any problem generating or sending the report.

 

For example:

  • The recipient does not have any quarantined email, or no email has been quarantined recently:

 

Quarantine report: found 0 Messages for User: user1@test.lab (Scheduled) 

Quarantine report: skips unchanged user path /home/test.lab/user50~test.lab

 

  • 'Receive spam report' is disabled under User Preferences for the recipient:

 

Quarantine report: skips user preference spam report disabled user user3~test.lab

 

  • 'Send quarantine report' is disabled in the Resource profile:

Quarantine report: skips anti-spam profile spamreport disabled user path /home/test.lab/user40~test.lab
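
The log messages above can be triaged per user with a short script. The following is an added example, not part of the original article or any Fortinet tooling. It assumes the Mail Event log has been exported as plain text with one entry per line, that 'user~domain' in a mailbox path refers to the account 'user@domain', and that a 'stat=Sent' entry following a "found N Messages" entry for the same recipient is the report delivery:

```python
import re

# Patterns come from the Mail Event log messages quoted in this article.
RULES = [
    ("found", re.compile(r"found (\d+) Messages for User: (\S+)")),
    ("empty", re.compile(r"skips unchanged user path \S*/(\S+)")),
    ("user_pref", re.compile(r"skips user preference spam report disabled user (\S+)")),
    ("profile", re.compile(r"skips anti-spam profile spamreport disabled user path \S*/(\S+)")),
]
SENT = re.compile(r"\bto=<?([^,>\s]+)>?,.*\bstat=Sent\b")
ADVICE = {
    "generated": "report built; no 'stat=Sent' line seen for this recipient",
    "delivered": "report built and a later 'stat=Sent' line seen",
    "empty": "no quarantined email, or none quarantined recently",
    "user_pref": "report disabled for this user under User Preference",
    "profile": "'Send quarantine report' disabled in the Resource Profile",
}

def normalize(user):
    # Assumption: 'user~domain' in a mailbox path is the account 'user@domain'.
    return user.replace("~", "@").lower()

def triage(lines):
    """Map each user to (status, advice) from quarantine-report log lines."""
    status = {}
    for line in lines:
        sent = SENT.search(line)
        if sent:
            # Heuristic: a delivery logged after "found N Messages" is the report.
            if status.get(normalize(sent.group(1))) == "generated":
                status[normalize(sent.group(1))] = "delivered"
            continue
        for kind, pattern in RULES:
            m = pattern.search(line)
            if not m:
                continue
            if kind == "found":
                kind = "generated" if int(m.group(1)) else "empty"
            status[normalize(m.group(m.lastindex))] = kind
            break
    return {user: (s, ADVICE[s]) for user, s in status.items()}

# Constructed sample input in the format of the log lines quoted above.
SAMPLE = [
    "Quarantine report: found 3 Messages for User: user2@test.lab to (user2@test.lab) (Scheduled)",
    "to=user2@test.lab, delay=00:00:04, mailer=esmtp, dsn=2.0.0, stat=Sent (Message accepted for delivery)",
    "Quarantine report: found 0 Messages for User: user1@test.lab (Scheduled)",
    "Quarantine report: skips user preference spam report disabled user user3~test.lab",
    "Quarantine report: skips anti-spam profile spamreport disabled user path /home/test.lab/user40~test.lab",
]
```

Calling `triage(SAMPLE)` returns one `(status, advice)` pair per user; a user left at `generated` had a report built but no matching delivery entry in the lines supplied.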