FortiGate 200F v7.2.7:
Security Profiles -> Email Filter -> [Local Spam Filtering] Block/Allow List
Hello, I am new to the Fortigate world and currently struggling with creating a local blacklist to block email addresses. Unfortunately, I can only select 'Mark as Spam' and 'Mark as Clear' options. 'Mark as Reject' cannot be chosen. I would appreciate any assistance.
'Mark as Reject' can only be selected for the following types: 'IP/Netmask' and 'IPv6/Netmask' - which, however, is not suitable for my use case.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
There is no "reject" for Sender Address type, even from CLI. You can only select "spam" or "clear".
This makes sens because "reject" is intended to reject the connecting "IP address" once it tries to connect (if I'm not wrong), and this mechanism is at IP level.
Thank you for your valuable input!! But then this blacklist under Email Filtering makes no sense at all if it's not possible to block a specific sender, but only mark it as spam. Are there any options with Fortigate (without Fortimail) to block emails from specific senders (this is possible with both Sophos and Cisco)?
Hello nk22
Just mark your spam action as 'discard'
Is better than 'reject', no info back to the spammer; just silently drop.
regards
/ Abel
Hi Abel, that sounds good. Unfortunately I don't know where I can select 'discard'…
Hello NK22
When you set action "Mark as Spam" in the allow/block list, that doesn't mean that the mail will reach your mail box as spam, but the Antispam profile that contains this allow/block list will perform the action that you set in "Spam Action" for SMTP protocol.
So for your case you need to do two action in order to get what you want:
Hi
within the email filter profile, open submenu 'Spam Detection by Protocol' , under spam action for SMTP you can choose 'discard' as an option to deal with the messages matching the profile
regards
/ Abel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.