Good morning friends, a question, in the antispam logs I see a large number of emails classified as "recipient verification". Is there any way that these emails do not appear in the logs?
According to the "disposition" that the antispam takes is "reject", which, I understand that the antispam is rejecting those emails, correct? In those logs I see emails that do not exist in my organization.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Basically what you are seeing is someone who is trying to get valid emails from your organization...so this is rejected by your FortiMail because this is a valid way to give the attacker information so it can send emails to valid email addresses
I wouldn't suggest to turn those logs off because is good information to respond...like putting those IP address where are coming those request to a blacklist in your firewall, and things like that
Thanks for responding, so, when fortimail rejects those emails, those emails do not reach the end users' inbox, correct?
yeap, when fortimail "rejects" won't send a DSN (Delivery Status Notification)...some emails when are blocked, fortimail responds with a DSN (404, 503...etc, depending on the type of blocking), but when it's rejected...FortiMail won't send a DSN, to avoid sending information to the attacker that might give the idea of what kind of security techniques you are using...it's just like sending it to trash but not replying to attacker
And how can I deactivate the records of emails that are classified as "recipient verification"? The purpose is that these records are not displayed in the fortimail logs. Is that possible?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.