FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 196247

Description

How to enable logging for all email, not just spam logging.
 
Options to enable logging or archiving of all emails have changed since FortiOS 3.0.  Customers may wish to log ALL emails that pass through a FortiGate.  This may be to archive and send the data to a FortiAnalyzer.

This article ONLY applies to FortiOS 4.0.  Summary archiving will be added back into FortiOS 4.1.


Solution

In FortiOS 4.0 users will need to enable data Leak Prevention in a protection profile and apply this to a policy.  The steps required to create and apply these rules are documented on page 511 of the FortiGate Administration Guide. 
 
 
Configuration is performed in the UTM>Data Leak Prevention menu.  DLP Sensors are created and then given DLP Rules.
 
Firewall>Protection Profile>Data Leak Prevention Sensor
 
Once a DLP sensor has been created, a Rule or Compound Rule will be applied to the sensor.  In doing this the IMPORTANT step is to enable archive. 
 
sotoole_FD30725_Enable Archive DLP Rule.JPG
 
'Archive enable' must be set for all 'Actions' in order to gather complete information for logging purposes.

 

Contributors