Hi guys,
Fortimail is POWERFUL.
Been getting some calls now from staff, that some of their mails are being blocked, required for work. Fortimail is working great i tell you, spam is being caught well, anything looks off, it is snatched for quarantined or blocked. I used an antispam inbound profile that is not so robust, but it seems like it is STILL kinda robust lol.
However, i would like to create some exceptions for certain email domains so these mails can pass via. Some mails are not even being quarantined; they are just blocked totally.
How can i set these exceptions and where specifically?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi NeoRant
I don't know what exactly means "Sender domain check failed", but I think this means like if FortiMail couldn't resolve the sending domain of the sender (in your screenshot you hid the domain). However as per the FML check execution sequence it seems you can't allow just by adding to safelist.
Personally to allow this I'd first investigate why FML can't resolve this domain (probably DNS issue). Then if I'm sure of what I'm doing (sender is 100% legitimate), I'd do as follows:
Hope it helps
Hi NeoRant
I don't know what exactly means "Sender domain check failed", but I think this means like if FortiMail couldn't resolve the sending domain of the sender (in your screenshot you hid the domain). However as per the FML check execution sequence it seems you can't allow just by adding to safelist.
Personally to allow this I'd first investigate why FML can't resolve this domain (probably DNS issue). Then if I'm sure of what I'm doing (sender is 100% legitimate), I'd do as follows:
Hope it helps
Hi AEK,
Thanks or your response. I am actually using the Recipient Policy for mail inspection.
Regards
Hi NeoRant
It doesn't matter since the specific session profile is set in the IP policy.
Hi AEK,
Yes i realised, my bad. Thank you again.
Regards
Hi AEK,
I did what you said and put the cloned ip policy(comprising the cloned session profile having the "check sender domain" unchecked) above my initial 0.0.0.0 IP policy. This new/cloned ip policy has as its source/sender e.g. 208.130.182.116/32 and destination of 0.0.0.0
I hope that's ok.
Hi NeoRant
Yes, that's correct.
Hi AEK,
Kindly see attached images.
So i applied your changes, you are of major help, THANKS. However, the classifier now changed from Session Domain to Recipient Verification. LOL, from one thing to the next I Tell you. Is there anything else I should turn off on this newly cloned IP Policy to allow mails or somewhere else in Fortimail. I dont believe I should even trouble my Recipient Address Verification (Domain->Domain&User), I have LDAP Server selected and Fortimail is flowing fine.
Any suggestions/fixes?
Hi NeoRant
If I remember well the recipient address verification tells FML to check if the recipient address actually exists, this check can be done via LDAP, or via SMTP directly with the backend mail server. I always leave this feature disabled since I didn't find any case where I actually need it.
Hi AEK,
I forgot to update you earlier. Re: recipient verification - I already checked LDAP, the AD account/user was in the wrong OU/not matching the binding lol, i resolved it.
Thanks much. You are a master AEK.
NEORANT
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.