Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Carl_Windsor_FTNT

Introducing FortiMail 6.0.0

FortiMail 6.0.0 is now released and has been distributed to the support site.  This release adds several new features:

 

URI Click Protection

FortiMail rewrites selected links so that when a user clicks the link in the email message, the will be directed to the FortiMail device for additional FortiGuard URI Filter service scanning.  This is prevent previously unknown or trusted URLs being weaponized after delivery to the inbox. Enterprise ATP license is required.

Business Email Compromise - Impersonation analysis

The mapping between display name and email address can be manually or automatically defined so that if a Display Name matching an internal resource is found to be targeted to the protected domain, the recipient can be notified of a potential spoofing attempt.  Enterprise ATP license is required.

Email Subject Scan

DLP sensitive data and URI checking has been extended to include the Subject content.

Email delivery rate limiting Rate limiting is now supported for outbound mail to specific destination domains in order to prevent legitimate bulk mail delivery from causing protected mailservers being blacklisted.

Network interface access control

Webmail and admin access can now be separately defined on a network interface.

Granular SSL Cipher configuration

Previously SSL Cipher configuration was performed on a global basis for all protocols using the strong-crypto command.   This feature is still supported but additional configurability has been added to allow exactly which ciphers are enabled and for which protocol (mail, webmail).  See CLI config sys security crypto.

Authentication reputation

Authentication reputation tracks and scores login attempt failures to mitigate the risk of password guessing attacks.  This information is now displayed in the GUI allowing for users to be removed from auto blocking and added to an exempt list.   See Monitor > Reputation > Authentication Reputation for the blocked list and Security > Authentication Reputation for the configuration.

FortiView support

FortiMail has adopted the concept of FortiView for real-time drill down reports in a similar way to FortiOS. 

Decrypt password protected Office document

An extension of the 5.4 password decryption feature for archives and PDF's.  This release adds Office documents to the list of supported decryption targets.

Logging enhancements

Cross searching is now supported directly from the mail queues and system quarantines. Log time stamps have added millisecond resolution to make the cross search order more accurate.

Added "Session ID" field in Mail Queue and System Quarantine for enhanced cross search.

Security Fabric integration

FortiMail now appears as part of the FortiOS Security Fabric and statistics can be directly viewed from FortiOS.

 

Licensing

As part of this release, a new licensing model has been introduced to cover the newly added features:

FortiMail Base Bundle - Includes 24x7 FortiCare, AntiSpam, Antivirus and Virus Outbreak Service

FortiMail Enterprise ATP Bundle - Includes 24x7 FortiCare, AntiSpam, Antivirus, Virus Outbreak Service as well as FortiCloud Sandbox, Content Disarm and Reconstruction (CDR), URI Click Protection, Business Email Compromise – Impersonation Detection

 

For more details see the FortiMail 6.0.0 Release Notes and the 6.0.0 Admin Guide.

Dr. Carl Windsor Field Chief Technology Officer Fortinet

1 REPLY 1
Carl_Wallmark
Valued Contributor

Hi Carl,

 

Thank you for FortiMail 6.0 !

 

A question, about impersonate analysis, you say it can be manual or automatic, I looked through the documentation but I cannot find any examples on how to type the rules, can you please clarify ?

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Labels
Top Kudoed Authors