personal whitelist being ignored

Patrick3 · ‎07-24-2014

Hello, I' m running firmware version 5.1.3 (happened with 5.1.1 as well) and I' ve been getting lots of complaints from end users that email is going into their quarantine despite the sending addresses being in the personal whitelist. Upon investigation I have verified this to be true. This happens with anything flagged by the DNSBL as well as IP addresses listed in the Fortiguard anti-spam IP service. I have a ticket open with Fortinet support but so far they aren' t sure. Just wondering if anyone else is seeing this. Kind regards,

Bromont_FTNT · ‎07-24-2014

This is expected behaviour for Fortiguard listed IPs but I believe the personal whitelist comes before DNSBL in the order of execution so something to look into.

Patrick3 · ‎07-24-2014

ORIGINAL: Bromont This is expected behaviour for Fortiguard listed IPs but I believe the personal whitelist comes before DNSBL in the order of execution so something to look into.

Thanks for the reply. I did look through it and it does look like the personal whitelist should take precedence over the DNSBL but I' ll have another look. I do know the support rep said it definitely should come before the DNSBL but he also said it should take precedence over the Fortiguard listed IP' s as well. Thanks,

Bromont_FTNT · ‎07-24-2014

Check out the order of execution here: http://docs-legacy.fortinet.com/fmail/5-1-0/admin/index.html#page/FortiMail_Online_Help/overview_01_24.html If you are sure the whitelist is being bypassed you should probably open a ticket

Patrick3 · ‎07-24-2014

I do have a ticket open already but so far they haven' t identified the issue. The support rep thought it was an undocumented bug and that upgrading from 5.1.1 to 5.1.3 would resolve the issue but it did not. Thanks for the link.

Bromont_FTNT · ‎07-24-2014

Are you sure you are on 5.1.3 (build 281)? Are the users with the personal whitelist BCC recipients on these e-mails?

Patrick3 · ‎07-24-2014

ORIGINAL: Bromont Are you sure you are on 5.1.3 (build 281)? Are the users with the personal whitelist BCC recipients on these e-mails?

Yes I' m sure. I' m looking right at it. No, they are not BCC recipients on this emails. The single and only recipients.

emnoc · ‎07-24-2014

Can you explain what type of quarantine with regards to AS? Please add a copy of the AS log entry for the mail message your referencing.

PCNSE

NSE

StrongSwan

Patrick3 · ‎07-24-2014

ORIGINAL: emnoc Can you explain what type of quarantine with regards to AS? Please add a copy of the AS log entry for the mail message your referencing.

http://i.imgur.com/YyRsMr6.png

emnoc · ‎07-25-2014

So you have someone sending you a message from comcast? And your okay with this? or was this a test only?

Now to your problem, in the ASprofile & the DNSBL setting action, I guess you have a policy set to quarantine if it matches the AS/DNSBL. Now do you have multiple recipient-policies? If so make sure they all have send quarantine reports enabled. You can also look at the logs to determine what recipient-policy-# that was matched.

PCNSE

NSE

StrongSwan

personal whitelist being ignored

Nominate a Forum Post for Knowledge Article Creation