Configuring profiles : Configuring session profiles : Configuring list options
Configuring list options
This procedure is part of the session profile configuration process. For general procedures about how to configure a session profile, see “Configuring session profiles”.
1. Go to Profile > Session.
2. Click New to create a new session profile or double click on an existing profile to edit it.
3. Click the arrow to expand Lists.
Configure the sender and recipient block lists and safe lists, if any, to sue with the session profile. Block and safe lists are separate for each session profile, and apply only to traffic controlled by the IP-based policy to which the session profile is applied.
Email addresses in each block list or safe list are arranged in alphabetical order. For more information on how blocklisted email addresses are handled, see “Order of execution of block lists and safe lists”.
 
If you require regular expression support for safelisting and blocklisting sender and recipient email addresses in the envelope, do not configure safe and block lists in the session profile. Instead, configure access control rules and message delivery rules. For more information, see “Managing the address book (server mode only)”.
 
 
Use block and safe lists with caution. They are simple and efficient tools for fighting spam and enhancing performance, but can also cause false positives and false negatives if not used carefully. For example, a safe list entry of *.edu would allow all email from the .edu top level domain to bypass the FortiMail unit's other antispam scans.
4. Configure the following:
 
GUI item
Description
Enable sender safe list checking
Enable to check the sender addresses in the email envelope (MAIL FROM:) and email header (From:) against the safe list in the SMTP sessions to which this profile is applied, then click Edit to define the safelisted email addresses.
Enable sender block list checking
Enable to check the sender addresses in the email envelope (MAIL FROM:) and email header (From:) against the block list in the SMTP sessions to which this profile is applied, then click Edit to define the blocklisted email addresses.
Allow recipients on this list
Enable to check the recipient addresses in the email envelope (RCPT TO:) and email header (To:) against the safe list in the SMTP sessions to which this profile is applied, then click Edit to define safelisted email addresses.
Disallow recipients on this list
Enable to check the recipient addresses in the email envelope (RCPT TO:) and email header (To:) against the block list in the SMTP sessions to which this profile is applied, then click Edit to define blocklisted email addresses.