Configuring Profiles

Configuring profiles

The Profile menu lets you configure many types of profiles. These are a collection of settings for antispam, antivirus, authentication, or other features.

After creating and configuring a profile, you can apply it either directly in a policy, or indirectly by inclusion in another profile that is selected in a policy. Policies apply each selected profile to all email messages and SMTP connections that the policy governs.

Creating multiple profiles for each type of policy lets you customize your email service by applying different profiles to policies that govern different SMTP connections or email users. For instance, if you are an Internet service provider (ISP), you might want to create and apply antivirus profiles only to policies governing email users who pay you to provide antivirus protection.

This section includes:

  • Configuring session profiles
  • Configuring antispam profiles and antispam action profiles
  • Configuring antivirus profiles and antivirus action profiles
  • Configuring content profiles and content action profiles
  • Configuring resource profiles (server mode only)
  • Configuring authentication profiles
  • Configuring LDAP profiles
  • Configuring dictionary profiles
  • Configuring security profiles
  • Configuring IP pools
  • Configuring email and IP groups
  • Configuring notification profiles

Configuring session profiles

Session profiles focus on the connection and envelope portion of the SMTP session. This is in contrast to other types of profiles that focus on the message header, body, or attachments.

To access this part of the web UI, your administrator account’s access profile must have Read or Read-Write permission to the Policy category. For details, see “About administrator account permissions and domains” on page 290.

To configure session profiles

  1. Go to Profile > Session > Session.
  2. Click New to add a profile or double-click a profile to modify it.

A multisection page appears.

Figure 193:Session Profile dialog

  1. For a new session profile, type the name in Profile name.
  2. Configure the following sections as needed:
  • “Configuring connection settings” on page 483
  • “Configuring sender reputation options” on page 485
  • “Configuring endpoint reputation options” on page 487
  • “Configuring sender validation options” on page 488
  • “Configuring session settings” on page 490
  • “Configuring unauthenticated session settings” on page 493
  • “Configuring SMTP limit options” on page 496
  • “Configuring error handling options” on page 497
  • “Configuring header manipulation options” on page 498
  • “Configuring list options” on page 499
  • Configuring advanced MTA control settings

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

6 thoughts on “Configuring Profiles

  1. Steve

    Hi, on these instructions it states “personal black lists and white lists” on page 620.”

    Where can i get the book to view page 620??

    Reply
  2. Laurent

    Hello,
    What about the confidence degree of Header Analysis (also called Deepheader Analysis)? The default value is 95.0, and statisticaly on dozen of emails, all the values are always within range 95,03- 95,09. What is really checked in headers ? In our organization (government – 5000 users) we have lots of SPAM catched but also lots of false positive catched by this feature…

    Reply
    1. Mike Post author

      Unfortunately the defaults are just “broad strokes”. A lot of tweaking is necessary to get things to where you are in your organization’s happy range of false positives vs missed spam.

      Reply
  3. Dormond

    Hello,
    Do we have some addtional info regarding heuristic filter ? It is quite tricky to proceed with fine tuning with this light description. In my case, default settings just catch anything (around 10 emails out of 150’000… Now I have decreased threshold value to 3.0 and increased percentage of rules to 50% and now it catches around 200 emails out of 750’000 … still no false-positive.

    Reply
  4. Laurent

    Hello,

    Is there a way to clear only one entry in the LDAP cache ? Since we have over 10’000 users and that there are multiple routers and FW between the SMTP Gateway and the LDAP servers we do not want to clear the whole cache.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.