Technical Tip : Configuring FortiSandbox Mail-Transfer-Agent (MTA ) Adapter for Email Scanning and Quarantine Management

1. Ensure that the FortiSandbox MTA license is purchased and activated:

2. To enable and configure the MTA adapter, from FortiSandbox GUI, go under Security Fabric -> Adapter, enable the toggle button and configure all required fields like Name of domains that need to be relayed scanned by FortiSandbox adapter, SMTP server IP address / FQDN, SMTP port  as below:

For adding more one domain can be add it with by comma-separated.

3. Emails containing malicious URLs or attachments will be scanned and rated by the FortiSandbox MTA adapter, also verify scan results in the Scan Job Details section from FortiSandbox GUI.

4. For managing quarantined emails, navigate to Security Fabric -> Adapter -> Quarantine in the FortiSandbox GUI. This section lists all quarantined emails, and can be able to see:

• Delete quarantined emails.
• Release emails.
• Review the reasons for quarantine and download the mail sample.

5. Enable the notification mail setting to alert recipients when their email is quarantined.

Notifications will be sent to the recipient's mailbox.

Note:

The FortiMail server mode was used for testing in this example.

6. To confirm whether FortiSandbox has sent notification emails select Events & Logs in the FortiSandbox GUI.