ip_profile sendervalidation | set |
ip_profile sendervalidation
The sender validation options allow confirmation of sender and message validity.
Syntax
set ip_profile <name_str> sendervalidation authenticated {enable disable}
set ip_profile <name_str> sendervalidation bypassbounceverify {enable disable}
set ip_profile <name_str> sendervalidation dkim {enable disable}
set ip_profile <name_str> sendervalidation domainkey {enable disable} set ip_profile <name_str> sendervalidation signing {enable disable} set ip_profile <name_str> sendervalidation spf {enable disable}
Keywords and Variables | Description | Default |
|
|
|
<name_str> | Enter the name of the session profile. |
|
authenticated {enable | Only available when DKIM signing is enabled, this setting will limit | disable |
disable} | DKIM message signing to senders who authenticate with the FortiMail |
|
| unit. |
|
bypassbounceverify | If bounce verification is enabled, select bypass bounce verification for | disable |
{enable disable} | connections matching this policy. This bypass does not prevent the |
|
tagging of outgoing messages. For information on enabling |
| |
| verification of delivery status notification (DSN) email, see “as |
|
| bounceverify” on page 99. |
|
dkim {enable | Check the validity of DKIM signatures, if present. An invalid signature | disable |
disable} | will increase the client sender reputation score and affect the deep |
|
header scan. A valid signature decreases the client sender reputation |
| |
| score. |
|
| If the sender domain DNS record does not include DKIM information |
|
| or the message is not signed, the validation is skipped. |
|
|
|
|
domainkey {enable | If the sender domain DNS record lists DomainKeys authorized IP | disable |
disable} | addresses, the DomainKeys check will compare the client IP address |
|
| to the authorized senders. |
|
| A DomainKeys failure increases the client sender reputation score. A |
|
| DomainKeys validation decreases the client sender reputation score. |
|
| If the sender domain DNS record does not publish DomainKeys |
|
| information, the check is skipped. |
|
signing {enable | Sign outgoing messages with DKIM signatures. Signed messages | disable |
disable} | can be validated at their destination. Signing requires that a domain |
|
key selector be generated by the FortiMail unit and added to the DNS |
| |
| zone file. |
|
| The domain key selector can be generated in the domain |
|
| configuration. Go to Mail Settings > Domains > Domains. |
|
|
|
|
spf {enable disable} | If the sender domain DNS record lists SPF authorized IP addresses, | disable |
| the SPF check will compare the client IP address to the authorized |
|
| senders. |
|
| An SPF failure increases the client sender reputation score. An SPF |
|
| validation decreases the client sender reputation score. |
|
| If the sender domain DNS record does not publish SPF information, |
|
| the check is skipped. |
|
History
FortiMail v3.0 New.
FortiMail v3.0 MR4 Added keyword bypassbounceverify.
| FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference |
186 |
