FortiMail 6.0.0 is now released and has been distributed to the support site. This release adds several new features:
URI Click Protection
FortiMail rewrites selected links so that when a user clicks the link in the email message, the will be directed to the FortiMail device for additional FortiGuard URI Filter service scanning. This is prevent previously unknown or trusted URLs being weaponized after delivery to the inbox. Enterprise ATP license is required.
Business Email Compromise - Impersonation analysis
The mapping between display name and email address can be manually or automatically defined so that if a Display Name matching an internal resource is found to be targeted to the protected domain, the recipient can be notified of a potential spoofing attempt. Enterprise ATP license is required.
Email Subject Scan
DLP sensitive data and URI checking has been extended to include the Subject content.
Email delivery rate limiting
Rate limiting is now supported for outbound mail to specific destination domains in order to prevent legitimate bulk mail delivery from causing protected mailservers being blacklisted.
Network interface access control
Webmail and admin access can now be separately defined on a network interface.
Granular SSL Cipher configuration
Previously SSL Cipher configuration was performed on a global basis for all protocols using the strong-crypto command. This feature is still supported but additional configurability has been added to allow exactly which ciphers are enabled and for which protocol (mail, webmail). See CLI config sys security crypto.
Authentication reputation tracks and scores login attempt failures to mitigate the risk of password guessing attacks. This information is now displayed in the GUI allowing for users to be removed from auto blocking and added to an exempt list. See Monitor > Reputation > Authentication Reputation for the blocked list and Security > Authentication Reputation for the configuration.
FortiMail has adopted the concept of FortiView for real-time drill down reports in a similar way to FortiOS.
Decrypt password protected Office document
An extension of the 5.4 password decryption feature for archives and PDF's. This release adds Office documents to the list of supported decryption targets.
Cross searching is now supported directly from the mail queues and system quarantines.
Log time stamps have added millisecond resolution to make the cross search order more accurate.
Added "Session ID" field in Mail Queue and System Quarantine for enhanced cross search.
Security Fabric integration
FortiMail now appears as part of the FortiOS Security Fabric and statistics can be directly viewed from FortiOS.
As part of this release, a new licensing model has been introduced to cover the newly added features:
FortiMail Base Bundle - Includes 24x7 FortiCare, AntiSpam, Antivirus and Virus Outbreak Service
FortiMail Enterprise ATP Bundle - Includes 24x7 FortiCare, AntiSpam, Antivirus, Virus Outbreak Service as well as FortiCloud Sandbox, Content Disarm and Reconstruction (CDR), URI Click Protection, Business Email Compromise – Impersonation Detection
For more details see the FortiMail 6.0.0 Release Notes and the 6.0.0 Admin Guide.
Dr. Carl Windsor
Field Chief Technology Officer