Technical Tip: License status: 'no license' for Antispam and Virus Outbreak

If the license status of the Antivirus/Antispam shows as 'no license', make sure the below ports are opened on the Firewall and there should not be any upstream devices blocking the traffic

- FortiGuard Antispam rating queries: UDP/53, UDP/8888, TCP/53, TCP/443, TCP/8888.
- FortiGuard Antivirus push updates: UDP/9443.
- FortiGuard Antispam or Antivirus updates: TCP/443,TCP/8890.

All these ports need to be allowed on the firewall. 

Note.

Sometimes the upstream ISP or router will have to check on UDP port 53 traffic, and if it is not DNS traffic, it might block it.

It means that traffic could still be blocked after the firewall.

Therefore, other ports could be used except UDP/53 for Antispam traffic to bypass this kind of check.

If it is desired to check the port configuration on FortiMail, the following steps should be followed.

1) From Gui, Go to the System -> FortiGuard.
2) Go to the Antivirus tab and change the port configuration using the 'FortiGuard server port' section.

Or if it is needed to update for Antispam, go to the Antispam tab and change the port configuration using the 'FortiGuard server protocol' and 'FortiGuard server port' sections.

Check the following steps for Antivirus port configs.

Check the following steps for Antispam port configs.