FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
Not applicable
Article Id 190572
Article

To solve this problem:

  • Confirm that no SMTP traffic is bypassing the FortiMail unit due to an incorrect routing policy. Configure routers and firewalls to direct all SMTP traffic to or through the FortiMail unit to be scanned. If the FortiMail unit is operating in gateway mode, for each protected domain, modify public DNS records to keep only a single MX record entry that points to the FortiMail unit.
  • Use white lists with caution. For example, a white list entry *.edu would allow all email from all domains in the .edu top level domain to bypass antispam scans.
  • Do not whitelist protected domains. Because white lists bypass antispam scans, email with spoofed sender addresses in the protected domains could bypass antispam features.
  • Verify that all protected domains have matching policies and proper protection profiles.
  • Consider enabling adaptive antispam features such as greylisting and sender reputation.

Note: Enable additional antispam features gradually, and do not enable additional antispam features after you have achieved a satisfactory spam detection rate. Excessive antispam scans can unnecessarily decrease the performance of the FortiMail unit.