It would be fantastic if the Fortimail could help us deal with end-users that are getting large attachments in a method beyond just bouncing the messages. We continue to get complaints from users that tell us it's very frustrating because they don't realize a message never got through unless the sender contacts them.
I'd suggest a couple of ideas to deal with this in a user friendly manner:
1) Allow the message to go through but strip off the attachment. At least this way the user would get some notification that someone had attempted to send them a large file. (Though it would be important to be able to add that information into the message so that the recipient didn't just have the sender try over and over again....)
2) It would be fantastic to have the fortimail act like gmail and other services do when they receive a large attachment they get the original email with a link to the fortimail to download the attachment. This would be the best case scenario because it would get the user the file quickly, without it ending up in their main mailbox.
I had been wondering if it would be possible to accomplish #1 or #2 with current fortimail rules, but I don't believe so.
Thanks! Jeff
Jeff Roback
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Why not increase the maximum message size on Session Profile(s)?
In any case, that is a prerequisite for both of your suggestions, otherwise the message is rejected outright.
1) Look at the Scan Options on the Content Profile. You can apply an action for max message or attachment size (on 5.4).
You can also defer delivery of messages over X size or on policy match until off-peak hours if bandwidth is a concern.
The Replace action can replace the attachment (strip it).
2) Sort of the same as above, but quarantine the message so that the user can log in to webmail and download the message / attachment. This can include a notify message for the recipient and/order sender in the Action Profile.
Increasing the attachment size becomes a circular problem with the users, unfortunately, no matter how big we make it, they will keep sending larger attachments.... and Outlook, mobile devices, and Exchange servers just don't do well with messages above a certain size.
I didn't realize the strip attachment option was there, that does sound like one good option. I'll investigate.
When the message is quarantined, I'd like for the user to not be able to release it, but just download the attachment. But I'll investigate further and see if this will work.
But I still think it would be a great FortiMail feature if there was the option to say that for attachments above X size, that the FortiMail would pass through the message with a link that said "Click here to download the attached message" and then with a single link the user could get an attachment of any size that went along with the message. That way the user would have just a single click instead of having to go to quarantine, get the message, and find the attachment.
This would give fortimail functionality along the lines of what people are used to with Gmail and other popular mail services.
Jeff
Jeff Roback
For large e-mails it's typically the sending server that will bounce the e-mail. The sending server will connect to the fortimail and sees the maximum message size the fortimail advertizes after the EHLO command, if the message size exeeds the limit the sending server won't go any further and will bounce the message back to the sender without the Fortimail ever knowing why the sending server disconnected.
@Jeff
Users can download just the attachment from webmail.
There is no one-click method but can be done in about 4 clicks if you include the link to webmail in the notification message. User then logs in, clicks the email and clicks download.
Your users should be educated that email should not be used as a method for delivering large attachments.
Which is perhaps why you are looking to implement this configuration, as some kind of deterrent?
Again, the max size on Session Profile still needs to be increased and make the Content Profile setting the limiting factor. Else, the FortiMail returns '552 5.2.3 Message size is over limit ([limit value])'.
@Bromont
That's only possible if the sending client somehow knows the message size before it is actually delivered.
The FortiMail does not do this as client. It attempts to send the message.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1710 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.