In this recipe, you'll configure FortiMail to protect Microsoft 365 email users by scanning incoming email right after the email reaches their mailbox.
Once you have linked your Microsoft 365 account to the FortiMail unit, you will enable and configure real-time scanning. You will then simulate a spam email that real-time scanning will identify and take the appropriate action.
The Microsoft 365 real-time scan feature requires the following:
Real-time scanning allows you to apply security profiles and their actions to only those emails that match certain criteria specified in a real-time scan policy. These criteria are based on source, sender, and recipient information.
You can also optimize the efficiency of real-time scanning by enabling the
hide-email-on-arrival CLI command. This feature restricts users from receiving and opening potentially dangerous emails by first subjecting the email to real-time scanning. Only when the email is deemed safe is it then moved to the users mailbox.