Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Carl_Wallmark
Valued Contributor

Created on ‎11-14-2017 11:09 AM

NFR: Check sender domain against FortiGuard -> Newly registered domain

Hi,

 

Today we had a few scam emails which were accepted, they misspelled our domain so at first glance it looked ok but it was not correct.

And the fortimail let it pass because nothing "dangerous" was in it. 

But the domain was created 2017-11-02, so is it possible to run the sender domain against FortiGuard and flag/redirect emails which will be under the "newly registered domain / newly observed domain" category ?

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
7243
0 Kudos
5 REPLIES 5
Carl_Windsor_FTNT
Staff
Staff

Created on ‎11-14-2017 05:59 PM

This is already scheduled for the next release (5.5) together with some other relevant BEC features.

Dr. Carl Windsor
Chief Information Security Officer (CISO)
Fortinet

2950
0 Kudos
Carl_Wallmark
Valued Contributor
In response to Carl_Windsor_FTNT

Created on ‎11-14-2017 11:39 PM

Nice! Thanks!

 

Any ETA on 5.5 ?

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
2950
0 Kudos
Carl_Windsor_FTNT
Staff
Staff
In response to Carl_Wallmark

Created on ‎11-15-2017 07:55 AM

I don't want to commit an exact date here as things do change as we add customer NFRs but it should be late Q1/early Q2 timeframe.

Dr. Carl Windsor
Chief Information Security Officer (CISO)
Fortinet

2950
0 Kudos
Carl_Wallmark
Valued Contributor
In response to Carl_Windsor_FTNT

Created on ‎11-17-2017 04:13 AM

Very good Carl.

 

Thanks!

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
2950
0 Kudos
emnoc
Esteemed Contributor III
In response to Carl_Wallmark

Created on ‎11-21-2017 06:52 AM

OP, in the mean time, you can subscribe to a newdomain  listing  service and build a list  of new domains.

e.g

https://www.whoisxmlapi.com

 

Until  a domain has reputation scoring it  will rate neutral in the spam rating for more appliances. I use the above and  unix-whois looks to vaidate domain creation time and manually apply the domains in a tight policy.

 

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
2950
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.