Managing the mail queue
The FortiMail unit prioritizes the mail queue into two types:
- Regular mail queue
- Slow mail queue
When the initial attempt to deliver an email fails, the FortiMail unit moves the email to the regular mail queue.
After another two failed delivery attempts, the FortiMail unit moves the email to the slow mail queue. This allows the FortiMail unit to resend valid email quickly, instead of keep resending invalid email (for example, email destined to an invalid MTA).
After the undelivered email remains in the deferred queue for five minutes, the mail appears under Monitor > Mail Queue > Mail Queue. This also means that email staying in the deferred queue for less than five minutes does not appear on the Mail Queue tab. |
Delivery failure can be caused by temporary reasons such as interruptions to network connectivity. FortiMail units will periodically retry delivery (administrators can also manually initiate a retry). If the email is subsequently sent successfully, the FortiMail unit simply removes the email from the queue. It does not notify the sender. But if delivery continues to be deferred, the FortiMail unit eventually sends an initial delivery status notification (DSN) email message to notify the sender that delivery has not yet succeeded. Finally, if the FortiMail unit cannot send the email message by the end of the time limit for delivery retries, the FortiMail unit sends a final DSN to notify the sender about the delivery failure and deletes the email message from the deferred queue. If the sender cannot receive this notification, such as if the sender’s SMTP server is unreachable or if the sender address is invalid or empty, the FortiMail unit will save a copy of the email in the dead mail folder. For more information, see Managing undeliverable mail.
When you delete a deferred email, the FortiMail unit sends an email message, with the deleted email attached to it, to notify the sender.
To view, delete, or resend an email in the deferred mail queue, go to Monitor > Mail Queue > General.
GUI item |
Description |
View (button) |
Select a message and click View to see its contents. |
Delete (button) |
Click to deleted the selected item. |
Resend (button) |
Mark the check boxes of the rows corresponding to the email messages that you want to immediately retry to send, then click Resend. To determine if these retries succeeded, click Refresh. If a retry succeeds, the email will no longer appear in either the deferred mail queue or the dead mail folder. Otherwise, the retry has failed. |
Type |
Select the directionality and priority level of email to filter the mail queue display.
|
Search (button) |
Select to filter the mail queue display by entering criteria that email must match in order to be visible. |
Client IP |
|
Location |
Lists the GeoIP locations/country names. |
Envelope From |
|
Envelope To |
|
Subject |
Lists the email subjects. |
First Processed |
Lists the date and time that the FortiMail unit first tried to send the email. |
Last Processed |
Lists the date and time that the FortiMail unit last tried to send the email. |
Tries |
Lists the number of times that the FortiMail unit has tried to send the email. |
Viewing the FortiGuard spam outbreak protection mail queue
If you enabled spam outbreak protection in an antispam profile, FortiMail will temporarily hold suspicious email for a certain period of time (configurable with CLI command config system fortiguard antispam set outbreak-protection-period
) if the enabled FortiGuard antispam check (block IP and/or URL filter) returns no result. After the specified time interval, FortiMail will query the FortiGuard server for the second time. This provides an opportunity for the FortiGuard antispam service to update its database in cases a spam outbreak occurs.
To view the email on hold, go to Monitor > Mail Queue > Spam Outbreak.
Viewing the FortiGuard virus outbreak protection mail queue
If you enabled antivirus outbreak protection in an antivirus profile, FortiMail will temporarily hold suspicious email for a certain period of time (configurable under System > FortiGuard > AntiVirus). After the specified time interval, FortiMail will query the antivirus database for the second time. This provides an opportunity for the FortiGuard antivirus service to update its database in cases a virus outbreak occurs.
To view the email on hold, go to Monitor > Mail Queue > Virus Outbreak.
Viewing the FortiSandbox mail queue
The FortiSandbox unit is used for automated sample tracking, or sandboxing. You can send suspicious email attachments to FortiSandbox for inspection when you configure antivirus profiles (see Managing antivirus profiles). If the file exhibits risky behavior, or is found to contain a virus, the result will be sent back to FortiMail and a new virus signature is created and added to the FortiGuard antivirus signature database as well. For more information about FortiSandbox, please visit Fortinet’s web site at https://www.fortinet.com.
To view the email waiting to be sent to FortiSandbox, go to Monitor > Mail Queue > FortiSandbox.
Managing undeliverable mail
The Dead Mail tab displays the list of email messages in the dead mail folder.
Unlike the deferred mail queue, the dead mail folder contains copies of delivery status notification (DSN) email messages, also called non-delivery reports (NDR).
DSN messages are sent from the FortiMail unit ("postmaster"
) to an email’s sender when the email is considered to be more permanently undeliverable because all previous retry attempts of the deferred email message have failed. These email messages from "postmaster"
include a copy of the original email message for which the DSN was generated.
If an email cannot be sent nor a DSN returned to the sender, it is usually because both the recipient and sender addresses are invalid. Such email messages are often sent by spammers who know the domain name of an SMTP server but not the names of its email users, and are attempting to send spam by guessing at valid recipient email addresses.
The FortiMail unit can automatically delete old dead mail.
Alternatively, to prevent dead mail to invalid recipients, enable recipient address verification to reject email with invalid recipients. Rejecting email with invalid recipients also prevents quarantine mailboxes for invalid recipients from consuming hard disk space. For details, see Configuring recipient address verification. |
To view or delete undeliverable email, go to Monitor > Mail Queue > Dead Mail.
Configuring mail queue search tasks
Similar to the quarantine search functionality, you can configure mail queue tasks that provide options to execute various actions, including the sending or deletion of mail, or delivery to an alternative host.
Delivery of mail to alternative host is only available for General mail queue search tasks. |
To configure a mail queue search task:
-
Go to Monitor > Mail Queue > Mail Queue Search Task and select New.
-
Select a Queue type. Additionally, set a Subtype for general mail queue searches.
-
Define the Time Range start and end times for the search to take place.
-
For more granularity, use the And/Or logic filters under Search Filter and click Add to add relationship settings.
-
Under Search Result, define the action to take place for search results.
-
When finished configuring, click Search.
From the list of mail queue search tasks, you can Stop, Resume, and Rerun search tasks as necessary.
Viewing the mail queue size
Mail queue size status can be viewed, including incoming, outgoing, IBE, spam and virus outbreak, and Sandbox queues.
View the mail queue size status in the GUI under Dashboard > Status in the Queue Status widget, or view the mail queue status using the following CLI command:
diagnose system mailqueue status