What's New
The following table summarizes the new features and enhancements in this release. For details, see the FortiMail Administration Guide.
Feature |
Description |
---|---|
FortiNDR (FortiAI) Integration |
FortiNDR malware detection server has been integrated into the antivirus profile. |
FortiAnalyzer Cloud Integration |
FortiMail can send logs to FortiAnalyzer Cloud. |
Email Continuity Enhancements |
|
Mail Queue Search Enhancement |
Added sending, deleting, and delivering to alternative host functions in mail queue search. Also added REST API support for these functions. |
Quarantined Email Attachment Download Control |
Added control in the resource profile to disable/enable webmail users' attachment download of their personal quarantines. |
Authenticated Received Chain (ARC) Support |
Support ARC validation and sealing. |
Header Removal |
Added header removal to content and DLP action profiles. |
Configuration Control |
Added CLI commands to restrict domain level admins to make changes to some settings. |
Redirector URL Enhancement |
Try to resolve all URLs to their final destinations. |
Classifier Variables |
Added classifier variables to notification message templates and increased notification profiles for some models. |
Mail Routing Relay Type |
Added mail host as the relay type to mail routing in MTA Advanced Control. |
DMARC Enhancement |
Use DMARC record's policy and take corresponding actions. |
Support MTA-STS |
Support MTA-STS domain checking. |
MSSP Advanced Management Features |
|
Recipient Verification |
Added "discard" action to recipient verification failures. |
Web Filter Local Category |
Support web filter local categories and rating override under Security > URL Filter > Local Category and Security > URL Filter > Override Rating. In previous releases, CLI command "config antispam url-fgas-exempt-list" is used to configure the URL exempt list. Starting from 7.2.0 release, CLI command "config system webfilter local-rating" will be used instead. |
Maturity Levels of GA Releases |
New GA releases will be tagged as "Maturity" or "Feature" release. The Feature tag indicates that the firmware release includes new features. The Maturity tag indicates that the firmware release includes no new, major features. Maturity firmware will contain bug fixes and vulnerability patches where applicable. |
New Variables in Quarantine Summary |
Added "ORIG_ENVOLOPE_TO" and "ORIG_TO" (Header To) to quarantine summary reports. |
External Email Warning |
Added an option in incoming disclaimers for external email only. |
Description Fields |
Added description/comment fields to some settings. |
REST API Rate Limit |
Added rate limit control to REST API access. |
CLI Access Control |
Added privilege levels to access CLI in admin profiles. |
Utility Menu |
Grouped a few utilities under System menu.
|
MAIL FROM Customization |
Added option to customize Mail From attribute under SMTP Recipient Address Verification in domain settings. |
Block/Safe List Tracking |
Added auto aging and retention option to the block/safe lists. |
Replacement Custom Message Enhancement |
Separate replacement messages for body and attachment parts. |
URL Neutralization |
Added URL neutralization action to CDR and content profile actions. |
FortiSandbox URL Submission Exception |
Added option to bypass one-time URLs. |
DSN EHLO/HELO Argument Customization |
The DSN EHLO/HELO argument can be set to host name, domain name, or other customized name. The default is host name. |
URL Checking |
Resolve URLs to their final destinations before FortiGuard query. |
New execute factoryreset2 Command |
Reset the FortiMail unit to its default settings for the currently installed firmware version, while retaining all network settings. |
MS365 Protection |
|
Load Balancer |
Support load balancer on Azure and Oracle Cloud platform. |
IP Pool Behavior Change |
(Same feature as introduced in 7.0.3) The following CLI command has been added to control IP pool usage. config system mailserver set ip-pool-direction [ all | exclude-internal-to-internal] end With the new "exclude-internal-to-internal" option, the IP pools will not be applied to the internal-to-internal email. The default setting is "all". |
SSO Workflow Enhancement |
Workflow and GUI enhancements. |