DescriptionThis article explains the concept of Greylist scanning on FortiMail.
SolutionGreylist scanning is based on the fact that the FortiMail will “temporarily reject” any email from a sender that is not recognized.
The sender is recognized by a triplet: IP address, envelope sender and envelope recipient. If the mail is legitimate then the originating server will try once again in order to achieve the message release. On other hand, if the origin is a spammer that message will not be tried to release once again.
Therefore, there is some timers that we need to know in order to be secure that this feature works in a correct way that will be explained below:
- greylist-init-expired-period. Initiate once that first attempt is made. The sender will retry before the initial expiry period expires. This is configurable only through CLI and could take values between 4 and 24 hours.
- Grey list TTL. Starts once the triplet is added to the Greylist database. An email is maintained on the database until the TTL expires. This could be set by GUI or CLI.
- Greylisting period. Starts when an initial attempt is made. Indicates for how long that email will be rejected. This value could be set by CLI or GUI.
