Description
This article explains how to disable SMTP AUTH for IP addresses with a reputation for spam.
The SMTP authentication option may create large volumes of activity logs due to spammers using automation to guess passwords or otherwise breach security.
Scope
FortiMail v7.2.2 or later.
Solution
To ensure the SMTP AUTH option is presented only to clients with clean IPs, it is possible to enable a filter for bad IPs from the Session Profile of the inbound IP policy.
To do this:
1) Locate the inbound IP policy and edit the Session Profile.
2) Expand the Sender Reputation menu.
3) In the 'FortiGuard IP reputation check' option, select 'Use AntiSpam profile setting (no authentication)':
Once this feature is enabled, connections from IP addresses associated with spam will only be logged under Mail Event & AntiSpam logs.
No history logs will be created as the connection was not allowed.
