Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Shivasagar
Staff
Staff

Created on ‎09-19-2022 11:50 PM

Article Id 224203

Technical Tip: How MIME tag works in Email filter

Description

 

The article describes how the MIME tag works for email traffic.

 

Solution

 

Config snip on FortiGate:

 

# config emailfilter profile
    edit "default"

       config imap
          set action tag
          set tag-msg "SpamByFGT:IMAP"
       end
       config pop3
          set action tag
          set tag-msg "SpamByFGT:POP3"
       end
    next
end

 

Below is an example of an email header tagged as spam over IMAP protocol.

 

Date: Mon, 19 Sep 2022 22:23:33 -0700
Subject: Proxy mode inspection issue
From: User2 <u2@forti.lab>
To: u1@forti.lab
Message-ID: <20220919222333.28JMNXBJ001863@forti.lab>
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
SpamByFGT: =?utf-8?Q?IMAP?=

<p style="margin-block: 0px;">Proxy is not working</p>

 

Tag to MIME header does not modify the email contents[Subject/Body] directly for a user, rather the email client[Outlook/Thunderbird/etc] can take action based on this inserted Header/Attribute.

632
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.