In the FortiMail log, it shows the email disposition is 'Reject' and the Classifier is 'Sender Verification'. Example of the log as per below.

This issue is because the sender address is not able to be verified by FortiMail with the LDAP server. This option is enabled in 'Session Profile' under the 'Sender Validation' section. To check which Session Profile it uses, go to the History Log and find the 'Policy ID' section. The example below shows that this email matches the IP Policy ID 1. Go to IP Policy and find which Session Profile is applied in the IP Policy ID 1.

Open the Session Profile and check on the 'Sender address verification with LDAP' under 'Sender Validation'. Check what the LDAP Profile is used for in the sender address verification.

Since this issue is because FortiMail is unable to verify the sender with the LDAP server, it is necessary to check if the LDAP server used for that LDAP profile has an issue, such as a connection issue, is unable to browse the user in the LDAP server, is unable to query the sender in the LDAP server, etc.

To solve the issue, FortiMail must be able to query the sender address with the LDAP Server.