Hot!Emails that were considered "high risk" in Fortisandbox, Fortimail is letting it go.

Author
angie1996
Bronze Member
  • Total Posts : 41
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/11/24 18:24:16
  • Status: offline
2021/02/22 23:00:38 (permalink)
0

Emails that were considered "high risk" in Fortisandbox, Fortimail is letting it go.

Good day
* There are emails that the FORTISANDBOX has classified as high risk, low risk, malicious; However, FORTIMAIL is classifying it as 'Not Spam' or 'Safe System', despite the severity it presents, it is letting it pass. What is the reason that FORTIMAIL has accepted it, despite the severity that FORTISANDBOX classified it?
The logs were reviewed and they do not indicate if the email is malicious or high risk.
The domains or emails that are included in the "safe list" of FORTIMAIL, are not going to perform any scan analysis? because in the logs it is observed that despite the severity they are letting FORTIMAIL pass.
#1
abelio
Expert Member
  • Total Posts : 3680
  • Scores: 57
  • Reward points: 0
  • Joined: 2005/03/31 13:28:59
  • Location: Buenos Aires, Argentina
  • Status: offline
Re: Emails that were considered "high risk" in Fortisandbox, Fortimail is letting it go. 2021/02/23 05:32:32 (permalink)
0
Hi,
whitelisting domains or address is a last resource strategy, not a toy to play with.
Is important to solve email traffic using the several antispam layers available.
 
If fortisandbox is well integrated and configured with fortimail, an infected email will not pass.
 
But, if you whitelist domains or e-mails addresses widely,  all your efforts will be, literally, wasted
 
 
 

regards
--
Abel
#2
angie1996
Bronze Member
  • Total Posts : 41
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/11/24 18:24:16
  • Status: offline
Re: Emails that were considered "high risk" in Fortisandbox, Fortimail is letting it go. 2021/02/23 15:08:25 (permalink)
0
gracias por su respuesta amigo. Por lo que me dices, entiendo que si los dominios estan en la lista blanca a pesar que el fortisandbox los catalogue como peligrosos, entonces el fortimail los dejara pasar porque estan incluidos en la lista blanca del fortimail por lo tanto no toma ninguna accion. estoy en lo correcto? 
 
 
#3
Jump to:
© 2021 APG vNext Commercial Version 5.5