Greylisting in FortiMail identifies spam based on the behavior of the sending server rather than the individual message. For example, when email arrives from an unknown source, the unit temporarily rejects the message and relies on the sending server to resend it later.
This recipe covers configuring the greylist and then gives a brief tutorial on adding exemptions to the list.
Configuring the Greylist
First we’ll need to configure the time intervals used during the automatic greylisting process.
- Go to Security > Greylist > Settings.
- Enter the Greylisting TTL that determines the maximum amount of time that unused automatic greylist entries will be retained.
- Enter the Greylisting period. If no manual greylist entry (exemption) matches the email message, the FortiMail unit creates a pending automatic greylist entry and replies with a temporary failure code.
- Select Apply.
Creating Manual Exemptions
You may want to make some addresses exempt from the greylisting check so you can get those messages faster.
To view and configure manual greylist entries
- Go to Security > Greylist > Exempt.
- Select New.
- Enter the Sender pattern that defines a matching sender email address. You can match any sender by using an asterisk (*).
- Enable Regular expression if you entered a pattern using regular expression syntax.
- Enter the Recipient pattern that defines a matching recipient address. For example, if we enter *@example.com, all messages sent to addresses at example.com will be exempt.
- Enter the IP address and netmask that define the SMTP clients that match this entry. For example, if we enter 10.10.10.10/24, we will match the 24-bit subnet of IP addresses starting with 10.10.10.
- Enter the pattern that defines valid host names for the IP address of the SMTP client. For example, entering mail*.com will match messages delivered by an SMTP client whose host name starts with “mail” and ends with “.com”.
- Select Create.
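
To see how the exemption fields and the two timers interact, here is a small Python model of the decision described above. It is an added example, not FortiMail code: the names, the sample values, the rule that every field of an exemption must match, the keying on sender, recipient and client IP, and the reading of the greylisting period as the window in which retries are still deferred are all assumptions.

```python
import fnmatch
import ipaddress

# Constructed sample values; all names are hypothetical, not FortiMail settings.
PERIOD = 10 * 60        # greylisting period, seconds (assumed: retries inside it are deferred)
TTL = 10 * 24 * 3600    # how long an unused automatic entry is retained, seconds
EXEMPT = [              # one manual exemption; assumed: every field must match
    {"sender": "*", "recipient": "*@example.com",
     "net": "10.10.10.0/24", "rdns": "mail*.com"},
]

def is_exempt(sender, recipient, client_ip, rdns):
    """True if any manual exemption matches all four attributes of the SMTP session."""
    ip = ipaddress.ip_address(client_ip)
    return any(
        fnmatch.fnmatchcase(sender.lower(), e["sender"])
        and fnmatch.fnmatchcase(recipient.lower(), e["recipient"])
        and ip in ipaddress.ip_network(e["net"])
        and fnmatch.fnmatchcase(rdns.lower(), e["rdns"])
        for e in EXEMPT)

class Greylist:
    def __init__(self):
        self.entries = {}   # (sender, recipient, client_ip) -> [first_seen, last_used]

    def check(self, sender, recipient, client_ip, rdns, now):
        """Return 'exempt', 'tempfail' or 'accept' for a delivery attempt at time `now`."""
        if is_exempt(sender, recipient, client_ip, rdns):
            return "exempt"
        key = (sender.lower(), recipient.lower(), client_ip)
        entry = self.entries.get(key)
        if entry is None or now - entry[1] > TTL:
            self.entries[key] = [now, now]   # unknown or expired: new pending entry
            return "tempfail"
        if now - entry[0] < PERIOD:
            return "tempfail"                # retried before the period elapsed
        entry[1] = now                       # legitimate retry: refresh last use
        return "accept"
```

A wide exemption such as a sender pattern of * with no tight IP or host name restriction lets any matching client bypass the delay, so keep the network and host name fields as narrow as the trusted sender allows.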
The post Configuring Greylisting in FortiMail appeared first on Fortinet Cookbook.