Hi,
we getting a lot of financial spam advertisements that have "Form" field other that "Header From" please take a look my Antispam Profile setttings:
Log when these emails are coming to Fortimail:
And how it looks at the employees Outlook:
Fortimail should at first step recognize these messages as Spam so should move it to personal quarantine folder - but doesn't.
Or it should tag these emails as [Suspicious Email] because of SFP Alignment Sender mismatch - but also doesn't.
I created a ticket at support they recommend me to upgrade Fortimail firmware, so I did to latest 6.4.5GA - but this didn't help.
Any ideas?
Hi Tutek
Based on your screenshot, it seems the header from and envelope from is from same domain "fin-inwest.pl". This will not match the SPF sender alignment because sender alignment check for email domain mismatch.
"Sender alignment is an SPF related function that checks for a Header From and authorization domain mismatch." extracted from https://docs.fortinet.com/document/fortimail/7.0.2/administration-guide/352990/configuring-antispam-...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.