Bounce address tagging is applied to the sender email address in the message envelope only; it is not applied to the sender email address in the message header. |
The sender email address is typically empty for bounce messages. The sender email address may also be empty for some types of spam that are not bounce messages. Because the sender email addresses of those types of spam will not have a proper tag, similar to bounce message spam, these spam will fail the bounce verification process. Email sent from email clients or webmail will not have an empty sender email address, and therefore will not be subject to the bounce verification process. |
GUI item | Description |
New, Edit, Delete (buttons) | Click to create, edit or delete a key. Note: If you delete a key, any email with a tag generated when that key was active will fail bounce verification. After activating a new key, keep the previously active key until any tags generated with the old key expire. Delete is unavailable if the Status of the key is Active. |
Key | Displays the string of text that is the private key. This can be any arbitrary string of text, and will be used together with randomizing data to generate each bounce address tag. |
Status | Indicates which key is activated for use. • Active: The key is activated. • Inactive: The key is deactivated. Only one of the keys may be activated at any given time. The activated key is the one that will be used to generate the bounce address tags for outgoing email. Both activated and deactivated keys will be used for bounce address tag verification of incoming email. To activate or deactivate a key, double-click it and modify its Status. |
Last Used | Displays the date and time when the key was generated or last used to verify the bounce address tag of an incoming email, whichever is later. |
Enable bounce verification | Mark this check box to enable verification of bounce address tags for all incoming email. If you want to make exceptions for email that does not require bounce address tag verification, you can bypass bounce verification in protected domains and session profiles. For more information, see “Configuring protected domains” and “Configuring session profiles”. |
Bounce verification tag expires in (days) | Enter the number of days after creation when bounce message keys will expire and their resulting tags will fail verification. |
Keys will be automatically removed | Displays the period of time after which unused, deactivated keys will be automatically removed. The activated key will not be automatically removed. |
Bounce verification action | Select which action that a FortiMail unit will perform when an incoming email fails bounce address tagging verification, either: • Reject: Reject delivery of the email and respond to the SMTP client with SMTP reply code 550 (Relaying denied). • Discard: Accept the email, but silently delete it and do not deliver it. Do not inform the SMTP client. • Use antispam profile setting: Use the actions configured in the antispam profile that you selected in the policy that matches the email message. For more information on actions, see “Configuring antispam action profiles”. |
GUI item | Description |
Key name | Enter the string of text that will be used together with randomizing data in order to generate each bounce address tag. Keys must not be identical. This field cannot be modified after a key is created. Instead, you must create a new key. If you are certain that no email has used a key, and therefore no bounce messages can exist which would require tag verification, you can safely delete that key. |
Status | Select the activation status of the key. • Active: The key will be activated, and used to generate bounce address tags for outgoing messages. If any other key is currently activated, it will be deactivated when this new key is saved and activated. • Inactive: The key will be deactivated. You can activate the key at a later time. Only one of the keys may be activated at any given time.The activated key is the one that will be used to generate tags for outgoing messages. Both activated and deactivated keys will be used for bounce address tag verification of incoming email. |