eferreira_FTNT
Article Id 195265

Description

 

This article describes how to enable the personal (per-recipient) quarantine report and how to troubleshoot problems related to it.


Scope

 

FortiMail quarantine report.


Solution

 

The FortiMail can be configured to send personal quarantine reports to some or all users. To enable this feature, there are three settings in the FortiMail configuration that have to be enabled:

  1. Under Domain & User -> Domain, select the correct domain and select Edit, expand the 'Advanced Settings' option, select 'Quarantine Report Setting' and enable 'Original recipient' under 'Report destination'.

  2. Enable 'Send quarantine report' under the 'Resource Profile' that is being applied as the default to the recipient-based policy that matches the incoming traffic.

  3. Enable 'Receive quarantine report' under User -> User Preference.

 

How to test it:

 

Once the personal quarantine report has been enabled in the 3 steps described above, the FortiMail will automatically start sending the reports to each recipient according to the schedule configured under Security -> Quarantine -> Quarantine Report.

 

For testing purposes, it is also possible to manually force the FortiMail to send the quarantine report to a specific recipient at any time. Go to Quarantine -> Personal Quarantine, select any user that has received spam emails recently, select 'Send Quarantine Report to…' and then select 'Selected users'.

 

The Mail Event logs should show two entries like the following:

 

“Spamreport: found X Messages for User: test@test.lab to (test@test.lab)”

 “to=test@test.lab, delay=00:00:04, xdelay=00:00:00, mailer=esmtp, pri=0, relay=test.lab. [x.x.x.x], dsn=2.0.0, stat=Sent (q9IJYANc001298-q9IJYANe001298 Message accepted for delivery)”

 

The first log indicates that the FortiMail is about to send the spam report to recipient test@test.lab. The second log indicates that the email was sent.

 

Most common problems:

 

If the recipient does not receive the spam report after the test above, the Mail Event logs will show if the FortiMail had any problem generating or sending the report.

 

For example:

  • The recipient does not have any quarantined email or no email has been quarantined recently:

“Spamreport: found 0 Messages for User: test@test.lab” 

 

  • 'Receive spam report' is disabled under User Preferences for the recipient:

“Spamreport: skips user preference spam report disabled user test~test.lab”

 

  • 'Send quarantine report' is disabled in the Antispam action profile:

“Spamreport: skips anti-spam profile spamreport disabled user path /home/test.lab/test~test.lab”
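
The log checks above can be scripted when many recipients have to be verified. The following is an added example, not Fortinet code: it classifies exported Mail Event log lines for one recipient using only the message texts quoted in this article. The function names, the outcome labels and the idea of working on exported text lines are assumptions made for the example.

```python
import re

# Message texts below are the ones quoted in the article; any fields around
# them in an exported Mail Event log are ignored by using search().
RULES = [
    ("report_generated", re.compile(r"Spamreport: found (?P<n>\d+) Messages for User: (?P<user>\S+)")),
    ("user_pref_disabled", re.compile(r"Spamreport: skips user preference spam report disabled user (?P<user>\S+)")),
    ("profile_disabled", re.compile(r"Spamreport: skips anti-spam profile spamreport disabled user path (?P<user>\S+)")),
    ("delivery", re.compile(r"\bto=(?P<user>[^,\s]+),.*\bdsn=(?P<dsn>[\d.]+), stat=(?P<stat>\w+)")),
]

def normalize(user):
    """Skip messages log the address as local~domain, optionally inside a path."""
    return user.rsplit("/", 1)[-1].replace("~", "@").strip('"”').lower()

def diagnose(lines, recipient):
    """Return the ordered list of findings (hypothetical labels) for one recipient."""
    findings = []
    for line in lines:
        for name, rx in RULES:
            m = rx.search(line)
            if not m or normalize(m["user"]) != recipient.lower():
                continue
            if name == "report_generated" and int(m["n"]) == 0:
                name = "nothing_quarantined"
            elif name == "delivery":
                # Only meaningful right after a generated report; other mail to
                # the same recipient produces the same kind of line.
                if not findings or findings[-1] != "report_generated":
                    break
                name = "report_sent" if m["stat"] == "Sent" else "delivery_problem:" + m["dsn"]
            findings.append(name)
            break
    return findings

# Constructed sample lines built from the messages quoted in the article.
SAMPLE = [
    "Spamreport: found 3 Messages for User: test@test.lab to (test@test.lab)",
    "to=test@test.lab, delay=00:00:04, xdelay=00:00:00, mailer=esmtp, pri=0, "
    "relay=test.lab. [x.x.x.x], dsn=2.0.0, stat=Sent (Message accepted for delivery)",
    "Spamreport: found 0 Messages for User: test@test.lab",
    "Spamreport: skips user preference spam report disabled user test~test.lab",
    "Spamreport: skips anti-spam profile spamreport disabled user path /home/test.lab/test~test.lab",
]

if __name__ == "__main__":
    for finding in diagnose(SAMPLE, "test@test.lab"):
        print(finding)
```

A "report_generated" finding that is not followed by "report_sent" points to a delivery problem between the FortiMail and the recipient's mail server rather than to one of the three settings.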