on itself an interesting request, though i don't believe this is possible with normal configuration. which is a little weird because the FortiGate should have the knowledge to make this decision. the application control feature can do this within certain cloud applications, so why not for something "simple" as FTP.
i would say you have two options:
1 - do something on the FTP server side. perhaps you can apply IP filters there in combination with commands.
2 - do something with customer IPS signatures, which would block the PUT request. an example can be found here, but it isn't an easy solution: http://alstechcorner.blogspot.com/2013/10/how-to-block-anonymous-ftp-put-on.html