HI,
i have a problem and i hope somebody can help me.
First: Fortimail 200E v6.4.3(GA), build437 Scan order : antispam-content-sandbox
Sandbox: 1000D v3.2.1,build0222 (GA)
Fortimail Antispam Config:
Now my problem is, i'm using Banned word and dictionary to filter special Words in the Emails and reject this,
now sometime he send first emails to the Spam Outbreak and after the period time the is checking for the banned words and after finding banned words, the send the emails to the System Quarantine.
This only happend after the Spam Outbreak, without Spam Outbreak he Reject the emails directly.
Why he send after Spam Outbreak Emails with banned word to the Quarantine and its possible to change it.
Thank you
Hi Alexander,
It's because after FortiMail accepted this email for outbreak defer, it no longer can reject it. To the remote MTA, the email has already been accepted by FortiMail. The Reject action will then fall back to System Quarantine.
HI,
yes, but how can i prevent that Fortimail accepted this emails, because with the others is working, only with a couple emails its not working
Fortiguard spam outbreak happens before banned word, so in this case a suspicious email will be deferred first.
HI,
i understand, but in my attached image i have the config, that for this recipient pattern the suspicious emails should reject and i cannot not find why there are send to sandbox or i have a missunderstand in the config
Because if the email triggers spam outbreak, and it can also trigger sandbox while you have sandbox configured, then the email will be put into spam outbreak queue and sandbox queue at the same time. This is to reduce the total defer time.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.