Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
eferreira_FTNT
Staff
Staff

Created on ‎01-02-2013 08:58 AM

Article Id 195265

Technical Note : Enabling the personal or per-recipient quarantine report

Description

This document explains how to enable the personal or per-recipient quarantine report and how to troubleshoot problems related with it.


Scope

FortiMail quarantine report.


Solution

The FortiMail can be configured to send personal quarantine reports to some or all users. To enable this feature, there are three settings in the Fortimail configuration that have to be enabled:

1- Under Mail Settings -> Domains -> Domains, expand the “Advanced Settings” option and enable “Send to individual recipients” under “Quarantine Report Settings”:
eferreira_fd33936_a_FD33936_1.jpg

 
 
 

2- 2-      Enable “Send quarantine report” under “Personal Quarantine” in the AntiSpam action profile that is being applied “as default” to the recipient-based policy that matches the incoming traffic:

eferreira_fd33936_a_fd33936_2.JPG

 


If the Antispam profile is using more than one Antispam Action Profile, the option “Send quarantine report” has to be enabled on the Action Profile selected as the “Default Action”

3- Enabled “Receive spam report” under User -> User Preference:

eferreira_fd33936_a_FD33936_3.jpg

 

How to test it

Once the personal quarantine report has been enabled in the 3 steps described above, the Fortimail will automatically start sending the reports to each recipient according with the schedule configured under Mail Settings -> Domains -> Quarantine Report Setting.

For testing purposes, you can also manually force the Fortimail to send the quarantine report anytime to a specific recipient. Go to Quarantine -> Personal Quarantine, select any user that have received spam emails recently, click on “Send Qurantine Report to…” and then on “Selected users”:
eferreira_fd33936_a_FD33936_4.jpg

 

The event logs should show two entries like these ones:

“Spamreport: found X Messages for User: test@test.lab to (test@test.lab)”

 “to=test@test.lab, delay=00:00:04, xdelay=00:00:00, mailer=esmtp, pri=0, relay=test.lab. [x.x.x.x], dsn=2.0.0, stat=Sent (q9IJYANc001298-q9IJYANe001298 Message accepted for delivery)”

The first log indicates that the Fortimail is about to send the span report to recipient test@test.lab. The second log indicates that the email was actually sent.

Most common problems

If after doing the test above, the recipient does not receive the spam report, the event logs would show if the Fortimail had any problem generating or sending the report. For example:

- The recipient does not have any quarantined email or no email has been quarantined recently:

“Spamreport: found 0 Messages for User: test@test.lab”

- “Receive spam report” is disabled under User Preferences for the recipient:

“Spamreport: skips user preference spam report disabled user test~test.lab”

- “Send quarantine report” is disabled in the Antispam action profile”

“Spamreport: skips anti-spam profile spamreport disabled user path /home/test.lab/test~test.lab”


11177
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.