Introduction
About the FortiOS International and US Domestic distributions
FortiGate-1000A/FA2 Administration Guide
01-28011-0254-20051115
21
SMTP virus scanning only operates in streaming mode
SMTP virus scanning operates in streaming in mode (also called splice mode) only. In
streaming mode the FortiGate unit simultaneously scans an email and sends it to the
SMTP server. If the FortiGate unit detects a virus, the FortiGate unit terminates the
server connection and returns an error message to the sender, listing the virus name
and system generated quarantine file name. If SMTP quarantine is not enabled, the
quarantine filename is blank. The SMTP server is not able to deliver the email if it was
sent with an infected attachment. An error message is returned to the sender if an
attachment is infected. The receiver does not receive the email or the attachment.
Spam filter email tagging for SMTP is not supported
Because SMTP virus scanning operates in streaming mode the FortiGate unit
discards spam email and immediately drops the connection. In the US Domestic
distribution, spam filter email tagging is not supported.
SMTP quarantine file name system generated
When the FortiGate unit quarantines files from an SMTP email the file name of the
quarantined file is changed to a system generated file name. The system generated
file name consists of the name of the of the sender email address and the name of the
receiver email address separated with an underscore. The system generated file
name does not include a file name extension.
For example, if the file test.doc was quarantined in an email being sent from
[email protected] to [email protected] the file name of the quarantined file would be
user_info.
The default mail virus replacement message (splice mode) is
changed
The default mail virus message (splice mode) replacement message is changed from:
The file %%FILE%% has been infected with the virus %%VIRUS%% File quarantined
as %%QUARFILENAME%%
to
An email has been infected with the virus %%VIRUS%% File quarantined as
%%QUARFILENAME%%
This change removes the name of the infected file from the replacement message.
The replacement message now only contains the name of the virus that the file is
infected with, and the quarantine filename.
For SMTP email, %%QUARFILENAME%% is the system-generated quarantine file
name. For other email protocols %%QUARFILENAME%% is the original file name. If
quarantine is not enabled for the email protocol, %%QUARFILENAME%% will be
blank.
The %%FILE%% variable is still available. If you add %%FILE%% to the mail virus
message (splice mode) replacement message, %%FILE%% will always add
<no filename> to replacement messages generated for viruses found in SMTP email.
For other email protocols, %%FILE%% adds the name of the infected file to the
replacement message.
Содержание FortiGate 1000A
Страница 80: ...80 01 28011 0254 20051115 Fortinet Inc FortiGate IPv6 support System Network ...
Страница 88: ...88 01 28011 0254 20051115 Fortinet Inc Dynamic IP System DHCP ...
Страница 122: ...122 01 28011 0254 20051115 Fortinet Inc FortiManager System Config ...
Страница 248: ...248 01 28011 0254 20051115 Fortinet Inc Protection profile Firewall ...
Страница 260: ...260 01 28011 0254 20051115 Fortinet Inc CLI configuration User ...
Страница 380: ...380 01 28011 0254 20051115 Fortinet Inc CLI configuration Log Report ...
Страница 392: ...392 01 28011 0254 20051115 Fortinet Inc Glossary ...