Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
elk84
New Contributor

How to configure AV profile for email clients to get desired behavior

Hi!

 

I recently deployed new FortiGuard unit at customer site and I have problem with Antivirus profile.

Users uses POP3 email clients connecting to external email server. Those connection are under control of Antivirus security profile, which block any detected viruses. So far so good. 

The problem arises when an message with virus is delivered to user mailbox (among many other, normal, harmless messages).

When user's email client check his mailbox on the server for new messages, it will try to download all new messages, among which there is also an infected one. And then FortiGuard detect it and block connection. Ok, after all it is intended purpose of AV profile. But now, user is unable to download ANY messages (also clean ones), until I either infected message is somehow removed from server or until I will disable AV profile.

 

Currently I have modified AV profile for email clients not to block detected viruses, but instead only log this fact, but it defeats purpose of using FortiGuard and AV profiles.

 

What could be done to block infected messages in this situation, but allow all clean ones?

 

Thank you for any suggestion.

 

elk

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors