Configuring profiles : Configuring content profiles and content action profiles : Configuring content action profiles
Configuring content action profiles
The Action tab in the Content submenu lets you define content action profiles. Use these profiles to apply content-based encryption.
Alternatively, content action profiles can define one or more things that the FortiMail unit should do if the content profile determines that an email contains prohibited words or phrases, file names, or file types.
For example, you might have configured most content profiles to match prohibited content, and therefore to use a content action profile named quar_profile which quarantines email to the system quarantine for review.
However, you have decided that email that does not pass the dictionary scan named financial_terms is always prohibited, and should be rejected so that it does not require manual review. To do this, first configure a second action profile, named rejection_profile, which rejects email. You would then override quar_profile specifically for the dictionary-based content scan in each profile by selecting rejection_profile for content that matches financial_terms.
To access this part of the web UI, your administrator account’s access profile must have Read or Read-Write permission to the Policy category. For details, see “About administrator account permissions and domains”.
To view and manage the list of content action profiles
1. Go to Profile >Content > Action.
 
GUI item
Description
Domain
(drop-down list)
Select System to see profiles for the entire FortiMail unit, or select a protected domain name to see profiles for that domain. You can see only the domains that are permitted by your administrator profile.
Profile Name
Displays the name of the profile.
Domain
(column)
Displays either System or a domain name.
Direction
Displays either Incoming for a profile that can be used by an incoming policy, or Outgoing for a profile that can be used by an outgoing policy.
(Green dot in column heading)
Indicates whether or not the entry is currently referred to by another item in the configuration. If another item is using this entry, a red dot appears in this column, and the entry cannot be deleted.
2. Either click New to add a profile or double-click an existing profile to modify it.
A dialog appears.
3. Configure the following:
 
GUI item
Description
Domain
For a new profile, select either System to apply the profile to the entire FortiMail unit, or select a protected domain name to apply it to that domain. You can see only the domains that are permitted by your administrator profile.
Profile name
For a new profile, enter its name.
Direction
For a new profile, select either Incoming for a profile that can be used by an incoming policy, or Outgoing for a profile that can be used by an outgoing policy. For definitions of outgoing and incoming email, see “Incoming versus outgoing email messages”.
Tag email’s subject line
Enable and enter the text that will appear in the subject line of the email, such as “[PROHIBITED-CONTENT]”, in the With value field. The FortiMail unit prepends this text to the subject line of the email before forwarding it to the recipient.
Many email clients can sort incoming email messages into separate mailboxes based on text appearing in various parts of email messages, including the subject line. For details, see the documentation for your email client.
Insert new header
Enable and enter the message header key in the field, and the values in the With value field. The FortiMail unit adds this text to the message header of the email before forwarding it to the recipient.
Many email clients can sort incoming email messages into separate mailboxes based on text appearing in various parts of email messages, including the message header. For details, see the documentation for your email client.
Message header lines are composed of two parts: a key and a value, which are separated by a colon. For example, you might enter:
X-Content-Filter: Contains banned word.
If you enter a header line that does not include a colon, the FortiMail unit will automatically append a colon, causing the entire text that you enter to be the key.
Note: Do not enter spaces in the key portion of the header line, as these are forbidden by RFC 2822.
Deliver to alternate host
Enable to route the email to a specific SMTP server or relay, then type the fully qualified domain name (FQDN) or IP address of the destination.
Note: If you enable this setting, for all email that matches the profile, the FortiMail unit will use this destination and ignore Relay server name and Use this domain’s SMTP server to deliver the mail.
BCC
Enable to send a blind carbon copy (BCC) of the email.
Configure BCC recipient email addresses by entering each one and clicking Create in the BCC area.
Archive to account
Enable to send the email to an archiving account. As long as this action is enabled, no matter if the email is delivered or rejected, it will still be archived.
Click New to create a new archiving account or click Edit to modify an existing account. For details about archiving accounts, see “Email archiving workflow”.
Notify with profile
Enable and select a notification profile to send a notification email to the sender, recipient, or any other people as you configure in the notification profile. The notification email is customizable and will tell the users what happened to the email message. For details about notification profiles and email templates, see “Configuring notification profiles” and “Customizing email templates”.
Treat as spam
Enable to perform the Actions selected in the antispam profile of the policy that matches the email. For more information, see “Configuring antispam action profiles”.
Reject
Enable to reject the email and reply to the SMTP client with SMTP reply code 550.
Discard
Enable to accept the email, but then delete it instead of delivering the email, without notifying the SMTP client.
Replace
Enable to replace the email’s contents with a replacement message. For more information, see “Customizing GUI, replacement messages and email templates”.
Personal quarantine
Enable to redirect the email to the per-recipient quarantine. For more information, see “Managing the personal quarantines”.
This option is available only for incoming profiles.
System quarantine
Enable to redirect the email to the system quarantine. For more information, see “Managing the system quarantine”.
The two quarantine options are mutually exclusive.
Rewrite recipient email address
Enable to change the recipient address of any email that matches the content profile.
Configure rewrites separately for the local-part (the portion of the email address before the '@' symbol, typically a user name) and the domain part (the portion of the email address after the '@' symbol). For each part, select either:
None: No change.
Prefix: Prepend the part with text that you have entered in the With field.
Suffix: Append the part with the text you have entered in the With field.
Replace: Substitute the part with the text you have entered in the With field.
Encrypt with profile
Enable to apply an encryption profile, then select which encryption profile to use. For details, see “Configuring encryption profiles”.
Note that If you select an IBE encryption profile, it will be overridden if either S/MIME or TLS or both are selected in the message delivery rule configuration (Policy > Access control > Delivery > New).
For information about message delivery rules, see “Configuring delivery rules”.
To apply a content action profile, select it in the Action drop-down list of one or more antispam profiles. For details, see “Managing antispam profiles”.