Configuring profiles : Configuring antivirus profiles and antivirus action profiles : Managing antivirus profiles
Managing antivirus profiles
Go to Profile > AntiVirus to create antivirus profiles that you can select in a policy in order to scan email for viruses.
The FortiMail unit scans email header, body, and attachments (including compressed files, such as ZIP, PKZIP, LHA, ARJ, and RAR files) for virus infections. If the FortiMail unit detects a virus, it will take actions as you define in the antivirus action profiles. For details, see “Configuring antivirus action profiles”.
FortiMail keeps its antivirus scan engine and virus signature database up-to-date by connecting to Fortinet FortiGuard Distribution Network (FDN) antivirus services. For details, see “Configuring FortiGuard updates and antispam queries”.
To access this part of the web UI, your administrator account’s access profile must have Read or Read-Write permission to the Policy category. For details, see “About administrator account permissions and domains”.
To configure an antivirus profile
1. Go to Profile > AntiVirus > AntiVirus.
2. Either click New to add a profile or double-click a profile to modify it.
A dialog appears.
3. Click the arrows to expand each section as needed and configure the following:
 
GUI item
 
Description
Domain
 
 
For a new profile, select either System to apply the profile to the entire FortiMail unit, or select a specific protected domain. You can see only the domains that are permitted by your administrator profile.
Profile name
For a new profile, type its name.
Default action
 
Select an action profile or create a new action profile. See “Configuring antivirus action profiles”.
AntiVirus
Enable to perform antivirus scanning.
 
Malware Outbreak
Enable to scan for malware.
 
Heuristic
Enable to use realtime malware analysis, or heuristic antivirus scan, when performing antivirus scanning.
 
File signature check
Enable to scan for file signatures. For details, see “Adding file signatures”.
 
Grayware
Enable to scan for grayware, such as mail bomb detection.
FortiSandbox
 
Enable this option to send potentially harmful attachments, such as executables, PDF, and OCX files, to FortiSandbox for further analysis. For details about FortiSandbox configuration, see “Using FortiSandbox antivirus inspection”.
 
Virus
High risk
Medium risk
Low risk
Specify the action to take if the FortiSandbox analysis determines that the email messages have virus or other threat qualities. You can specify different actions according to the threat levels.