FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
Article Id 198028
This article describes how to perform settings for antispam on FortiMail platform.

FortiGuard services ensure that FortiMail services are optimized

Go to Maintenance -> FortiGuard -> Update -> FortiGuard Update Options and set the 'Scheduled update'  to Every 1 (hour):

Ensure that FortiGuard Services are working correctly:

Go to Maintenance -> FortiGuard -> AntiSpam -> FortiGuard Query see if ratings are working properly:

To prevent the spoofing of the protected domain by spammers go to Policy -> Access Control -> Receiving and create a policy with the protected domain, leaving everything else as defaults.

Legitimate external service which uses the protected domain in the emails.
Then create an exception and move it above the anti-spoofing Access Control Policy:

Tighten Inbound Session Policy.

Go to Policy -> Policies ->  IP Policies, edit the Session policy where the source and destination are

Go to AntiSpam -> Greylist and change the Settings.


Go to Profile -> AntiSpam -> URI Filter edit the URI filter in use (red dot at the end).

Go to Policy -> Policies and select the AntiSpam policy