FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
jstan
Staff
Staff
Description

This article describes the reason behind the discrepancy on the FortiSandbox statistics.

Scope

FortiMail.

Solution

Usually, it may be noticed that the total mail volume and the analyzed volume on FortiSandbox does not tally and the volume reported on FortiSandbox is usually way more than the files being sent from FortiMail for analysis.

 

This happens due to archive file scanning.

 

For example, a test.zip file contains 3 file, when FortiMail sends the file to FortiSandbox, the statistic will only record 1 file.

 

When FortiSandbox receives the zip file, it will extract the file and scan the 3 files separately, and it will contain a total of 4 files being scanned, which is why FortiSandbox usually reports a higher number of scanned files.

On FortiSandbox.

 

jstan_0-1655256593937.png

 

On FortiMail.

 

jstan_1-1655256593939.png

Contributors