Configuring policies for PKI access to email quarantine (transparent and gateway mode)
Use this procedure to configure a recipient-based policy for quarantine (spam) email access using PKI authentication.
This procedure applies only if the FortiMail unit is operating in gateway or transparent mode. In either mode, the FortiMail unit can be configured to store regular email on an SMTP server and quarantine email in a bulk folder on the FortiMail unit. From the end user's perspective, connection to the regular email folders and the bulk (quarantine) email folder is seamless, but the folders actually reside on two separate servers.
For more information on storing quarantine email on FortiMail, see “Managing the quarantines”.
To configure access to email quarantine using PKI
1. Ensure that the CA certificate has been imported to the FortiMail unit. For more information, see “Importing a CA certificate to FortiMail”.
2. Create a PKI user for each email user that requires access to quarantine email. For more information, see “Configuring PKI authentication”.
3. From Policy > Policies > Policies, select New under Recipient Policies to create a new recipient-based policy for quarantined email, or Edit to change an existing policy. For more information on recipient-based policies, see “Controlling email based on recipient addresses”.
4. Expand Advanced Settings and configure the following:
Ensure that Enable PKI authentication for web mail spam access is enabled.
If desired, select a PKI user name from the drop-down list.
Caution: Ensure the PKI user is appropriate for the selected recipient. Choosing the wrong PKI user could give an email user access to administrator functions.
Ensure that Certificate validation is mandatory is enabled. This enforces PKI authentication for the specified PKI user.
5. Repeat steps 3 and 4 for each PKI user that requires access to quarantine email.
6. Proceed to “Configuring PKI access for administrators”.