This article describes what to do if an important and trusted sender domain that is safe-listed sends spam email to a user.
Scope
FortiMail.
Solution
If the important and trusted sender domain that is already added to the safe list in the FortiMail starts to send any spam email to the user, the suggestion below can be considered.
Remove the sender domain from the safe list in the FortiMail so the FortiMail will do the antispam scanning on the email from this sender domain.
Configure the loose policy and antispam profile for this sender domain.
If the email is detected by the FortiMail, consider configuring the FortiMail to do system quarantine (the FortiMail admin has to review the quarantined email and release it to the user if it is legitimate) or user quarantine (the user has to review the quarantined email and release it if it is legitimate).
