Somashekara_Hanumant
Article Id 192704
Description
This article explains how to restrict who can send email to an alias email ID (for example, all@example.lab).

Only specific users should be allowed to send email to all@example.lab. Email sent to this alias email ID by any other user should be rejected/denied.

For example:
On FortiMail (in server mode), example.lab is configured as a protected domain.

Some users are configured, an alias email ID all@example.lab is created, and all the users are added to it.

Only specific users should be able to send email to the alias email ID; the rest should not.

Scope
FortiMail in server mode.

Solution
Create an email-address group:

config profile email-address-group
    edit restricted
        config member
            edit exam2@example.lab
            next
            edit exam3@example.lab
            next
        end
    next
end

Create an access control receive policy:

config policy access-control receive
    edit 1
        set sender-pattern <int>
        set authenticated not-authenticated
    next
    edit 3
        set sender-pattern-type group
        set sender-pattern-group restricted
        set recipient-pattern all@example.lab
        set authenticated authenticated
        set action relay
    next
    edit 2
        set sender-pattern <int>
        set recipient-pattern all@example.lab
    next
end

Sending an email from exam2@example.lab using an email client (Thunderbird or MS Outlook) should result in the email being accepted and delivered to all users in the alias account.
Column    Content
Log Type    History
Date    2016-12-13
Time    23:12:38
Classifier    Not Spam
Disposition    Accept
From    exam2@example.lab
To    exam1@example.lab
Subject    testing for alias
Session ID    uBE7CbfJ008378-uBE7CbfK008378
Client    [10.5.25.24]
Level    information
Type    statistics
Destination IP    10.5.25.42
Length    380
Resolved    FAIL
Mailer    mta
Direction    in
Policy IDs    3:1:3
Domain    example.lab
Log ID    0200008379

The log above shows the traffic matching Access Control policy 3.

If an email is sent by any user other than exam2@example.lab or exam4@example.lab, the result will be an 'Access Control Denied' message.
Column    Content
Log Type    History
Date    2016-12-13
Time    23:11:44
Classifier    Access Control-Reject
Disposition    Reject
From    exam1@example.lab
To    all@example.lab
Session ID    uBE7BbIt008374-uBE7BbIu008374
Client    [10.5.25.24]
Level    information
Type    statistics
Destination IP    10.5.25.42
Length    394
Resolved    FAIL
Mailer    mta
Direction    in
Policy IDs    2:1:0
Domain    example.lab
Log ID    0200008375

The log above shows the traffic matching Access Control policy 2, with a Disposition of 'Reject'.
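
One way to audit an exported history log against this policy, as an added example that is not part of the original article or of any Fortinet tooling: it flags alias mail accepted from senders outside the restricted group, and group members who fell through to policy 2. The sample rows, the SAMPLE-n session IDs and exam5@example.lab are constructed, and the script assumes the first Policy IDs field is the access control rule ID, as in the two logs above.

```python
import re

ALIAS = "all@example.lab"
ALLOWED = {"exam2@example.lab", "exam3@example.lab"}  # members of group "restricted"
ALLOW_RULE, DENY_RULE = "3", "2"  # access-control rule IDs from the article

# Constructed sample rows (not real logs): sender, recipient, disposition, policy IDs.
ROWS = [
    ("exam2@example.lab", "exam1@example.lab", "Accept", "3:1:3"),  # mirrors the first log
    ("exam1@example.lab", "all@example.lab", "Reject", "2:1:0"),    # mirrors the second log
    ("exam5@example.lab", "all@example.lab", "Accept", "0:1:3"),    # constructed: no ACL rule hit
    ("exam3@example.lab", "all@example.lab", "Reject", "2:1:0"),    # constructed: member rejected
]
# Render the rows in the article's "Column    Content" layout.
SAMPLE = "".join(
    f"Log Type    History\nDisposition    {d}\nFrom    {f}\nTo    {t}\n"
    f"Session ID    SAMPLE-{i}\nPolicy IDs    {p}\n"
    for i, (f, t, d, p) in enumerate(ROWS, 1)
)

def parse_records(text):
    """Split the export into dicts; each 'Log Type' row starts a new record."""
    records = []
    for line in text.splitlines():
        parts = re.split(r"\t+|\s{2,}", line.strip(), maxsplit=1)
        if parts[0] == "Log Type":
            records.append({})
        if len(parts) == 2 and records:
            records[-1][parts[0]] = parts[1]
    return records

def audit(records):
    """Return (session id, reason) for records that contradict the intended policy."""
    findings = []
    for r in records:
        sender, rcpt = r.get("From", "").lower(), r.get("To", "").lower()
        acl = r.get("Policy IDs", "").split(":")[0]  # assumed: first field = ACL rule ID
        accepted = r.get("Disposition") == "Accept"
        # Accepted alias mail may log an expanded member in "To", so check the rule ID too.
        if sender not in ALLOWED and (acl == ALLOW_RULE or (rcpt == ALIAS and accepted)):
            findings.append((r.get("Session ID"), "unlisted sender reached the alias"))
        elif sender in ALLOWED and acl == DENY_RULE:
            findings.append((r.get("Session ID"), "group member hit rule 2; check SMTP authentication"))
    return findings

if __name__ == "__main__":
    for sid, reason in audit(parse_records(SAMPLE)):
        print(sid, reason)
```
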
