Monitoring the system : Managing the quarantines : Managing the personal quarantines : How to enable, configure, and use personal quarantines
 
How to enable, configure, and use personal quarantines
In general, to use personal quarantines, you should complete the following:
1. Configure the host name and mail queue of the FortiMail unit. For details, see “Configuring the host name, port numbers, relay, mail queue and DSN” on page 217.
For information on how to configure domain name server (DNS) records to support your FortiMail unit’s local domain and fully qualified domain name (FQDN), see “Setting up the system” on page 38.
If you want to specify an alternate FQDN that will be used only by web release/delete URLs in HTML-formatted quarantine reports, see “Web release host name/IP” on page 426. This FQDN should be globally resolvable.
2. Select the recipients, delivery schedule, and release methods of the quarantine report. For details, see “Configuring protected domains” on page 230 for quarantine report settings that are domain-specific, or “Configuring global quarantine report settings” on page 425 for quarantine report settings that are system-wide.
3. If email users will release/delete email from their quarantine by sending email, configure the user name portion (also known as the local-part) for the quarantine control email addresses. (The domain-part will be the local domain name of the FortiMail unit.) For details, see “Configuring the quarantine control accounts” on page 434.
4. For gateway mode or transparent mode, configure authentication profiles that will allow email users to authenticate when accessing their per-recipient quarantine. Alternatively, if email users require only HTTP/HTTPS access, you may configure PKI user accounts.
For server mode, configure the email user accounts. Email users can authenticate using this account to access their per-recipient quarantine.
For details, see “Workflow to enable and configure authentication of email users” on page 377.
 
You can allow unauthenticated HTTP/HTTPS access to the per-recipient quarantine during a limited period following the sending of the quarantine report. For details, see “Time limited access without authentication” on page 426 and “Expiry period” on page 426.
5. Enable quarantine reports in each email user’s preferences. Both FortiMail administrators and email users can do this. For details, see “Configuring user preferences” on page 273, or the online help for FortiMail webmail and per-recipient quarantines.
6. If the FortiMail unit is operating in server mode and you want to enable web release/delete, configure resource profiles in which “Webmail access” is enabled.
7. Enable the Personal quarantine and Send quarantine report option in incoming antispam and/or content profiles. If you want to allow email users to release and/or delete email from their quarantine by email or web release/delete, also enable Email release and Web release.
For details, see “Configuring antispam action profiles” on page 353 and/or “Configuring content action profiles” on page 369.
8. Select the antispam and/or content profiles in incoming recipient-based policies. If you configured a resource profile in step 6, also select the resource profile.
If the FortiMail unit is operating in gateway or transparent mode and you want to enable web release/delete, enable Allow quarantined email access through webmail in each incoming recipient-based policy.
For details, see “Controlling email based on recipient addresses” on page 309.
9. Either email users or FortiMail administrators can manage email in the per-recipient quarantines. For details, see “Managing the personal quarantines” on page 51 and “Releasing and deleting email via quarantine reports” on page 431.
See also 
Managing the personal quarantines