profile content-action
Use this command to define content action profiles. Content action profiles can be used to apply content-based encryption.
Alternatively, content action profiles can define one or more things that the FortiMail unit should do if the content profile determines that an email contains prohibited words or phrases, file names, or file types.
For example, you might have configured most content profiles to match prohibited content, and therefore to use a content action profile named quar_profile which quarantines email to the system quarantine for review.
However, you have decided that email that does not pass the dictionary scan named financial_terms is always prohibited, and should be rejected so that it does not require manual review. To do this, you would first configure a second action profile, named rejection_profile, which rejects email. You would then override quar_profile specifically for the dictionary-based content scan in each profile by selecting rejection_profile for content that matches financial_terms.
Syntax
config profile content-action
edit <profile_name>
[set comment "<comment_str>"]
set tagging-type {insert-header | tag-subject}
set subject-tagging-text "<text_str>"
config header-insertion-list
edit <header-insertion-name <header-key>>
set header-insertion-value "<header-value_str>"
end
set remove-header {enable | disable}
config header-removal-list
edit <header-removal-name <header-key_str>>
next
end
set disclaimer-insertion {enable | disable}
set disclaimer-insertion-location {beginning | end}
set disclaimer-insertion-content <message_name>
set alternate-host-status {enable | disable}
set alternate-host {<relay_fqdn> | <relay_ipv4>}
set deliver-to-original-host {enable | disable}set archive-status {enable | disable}
set fortiguard-antispam-outbreak {enable | disable}
set defer-delivery {enable | disable}
set archive-account <account_name>
set bcc-status {enable | disable}
set bcc-addr <recipient_email>
set bcc-env-from-status {enable | disable}
set bcc-env-from-addr <bcc-sender_email>
set replace-content {enable | disable}
set replacement-message <profile_name>
set notification-status {enable | disable}
set notification-profile <profile_name>
set quarantine-notify {enable | disable}
set quarantine-notify-profile <profile_name>
set quarantine-folder "<path_str>"
set rewrite-rcpt-local-type {none | prefix | replace | suffix}
set rewrite-rcpt-local-value <value_str>
set rewrite-rcpt-domain-type {none | prefix | replace | suffix}
set rewrite-rcpt-domain-value <text_str>
end
|
Variable |
Description |
Default |
|
Enter the name of the profile. To view a list of existing entries, enter a question mark ( |
|
|
|
action {discard | domain-quarantine | encryption | none | personal-quarantine | reject | rewrite-rcpt | system-quarantine | treat-as-spam} |
Enter the action that FortiMail will perform if the content profile determines that an email contains prohibited words or phrases, file names, or file types.
See also information about final vs. non-final actions and quarantines. |
none |
|
Type the fully qualified domain name (FQDN) or IP address of the alternate relay or SMTP server. This setting applies only if |
|
|
|
Type the email archive account name where you want to archive the email. See also archive policy. |
|
|
|
Enable or disable use of archive-account <account_name>. |
disable |
|
|
Enable to route the email to a specific SMTP server or relay. Also configure Note: If you enable this setting, for all email that matches the profile, the FortiMail unit will use this destination and ignore |
disable |
|
|
Type the blind carbon copy (BCC) recipient email address. This setting applies only if |
|
|
|
Specify an envelope from BCC address. In the case that email is not deliverable and bounced back, the email is returned to the specified envelope from address instead of the original sender. This is helpful when you want to use a specific email to collect bounce notifications. This setting applies only if |
|
|
|
Enable to specify an envelope from address. |
disable |
|
|
Enable to send a BCC of the email. Also configure bcc-addr <recipient_email>. |
disable |
|
|
Enter a description or comment. |
|
|
|
Enable to defer delivery of emails that may be resource intensive and reduce performance of the mail server, such as large email messages, or lower priority email from certain senders (for example, marketing campaign email and mass mailing). See also defer-delivery-starttime <time_str>. |
disable |
|
|
Enable to deliver the message to the original host. |
disable |
|
|
Enable to insert disclaimer. |
disable |
|
|
Specify the content name to be inserted. |
default |
|
|
Insert the disclaimer at the beginning or end of the message. |
beginning |
|
|
Enable or disable FortiGuard Antispam outbreak action, sending incoming email to the deferred mail queue. |
disable |
|
|
Enter the message header key such as Many email clients can sort incoming email messages into separate mailboxes based on text appearing in various parts of email messages, including the message header. For details, see the documentation for your email client. Message header lines are composed of two parts: a key(name) and a value, which are separated by a colon, such as: X-Custom-Header: Banned word detected by profile 22. Note: Do not enter spaces in the header key. These are forbidden by RFC 2822. |
|
|
|
Enter the key of the message header to be removed. |
|
|
|
Enter the message header value. This setting is available if tagging-type {insert-header | tag-subject} is |
|
|
|
Type the name of the notification profile used for sending notifications. |
|
|
|
Enable to send a notification about the detection. Also configure notification-profile <profile_name>. |
disable |
|
|
Enter the location of the quarantine folder. This setting is available if action {discard | domain-quarantine | encryption | none | personal-quarantine | reject | rewrite-rcpt | system-quarantine | treat-as-spam} is |
disable |
|
|
Enable to quarantine and also notify the recipient about the action. This setting is available if action {discard | domain-quarantine | encryption | none | personal-quarantine | reject | rewrite-rcpt | system-quarantine | treat-as-spam} is |
disable |
|
|
Enter the name of a notification profile. This setting is available if action {discard | domain-quarantine | encryption | none | personal-quarantine | reject | rewrite-rcpt | system-quarantine | treat-as-spam} is |
|
|
|
Enable to remove headers. Also configure header-removal-name <header-key_str>. |
disable |
|
|
Enable or disable replacement of the contents of the email. Also configure replacement-message <profile_name>. |
disable |
|
|
Enter the name of the custom message for replacement of the contents of the email. |
|
|
|
Change the domain part (the portion of the email address after the '@' symbol) of the recipient address of any email that matches the content profile.
This setting applies if |
none |
|
|
Enter the text for the option (except |
|
|
|
Change the local part (the portion of the email address before the '@' symbol, typically a user name) of the recipient address of any email that matches the content profile.
|
none |
|
|
Enter the text for the option (except |
|
|
|
Enter the text that will appear in the subject line of the email, such as Many email clients can sort incoming email messages into separate mailboxes based on text appearing in various parts of email messages, including the subject line. For details, see the documentation for your email client. This setting applies if tagging-type {insert-header | tag-subject}is |
|
|
|
Select the location of tagging, either:
|
|