Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 8.0.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    8.0.0
    8.0.0
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.0
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    cloud-api setting

    cloud-api setting

    Use this command to configure real-time scan settings.

    Syntax

    config cloud-api setting

    set realtime-scan-status {enable | disable}

    set service-endpoint {china | germany | global | us-dod | us-gov}

    set push-notification-url-base <url_str>

    set realtime-scan-log {all | on-policy-match}

    set hide-email-on-arrival {enable | disable}

    set system-quarantine-release-original {enable | disable}

    set notify-method {api | smtp}

    end

    Variable

    Description

    Default
    hide-email-on-arrival {enable | disable}

    Enable or disable moving email to a hidden folder upon arrival until the real-time scan completes.

    With real-time scanning, there is a risk that, during the usually small window of time between delivery and scan, that users could open email that should be blocked. This is more noticeable if an email contains large attachments. To mitigate this risk, you can configure FortiMail to automatically move delivered email to a hidden folder until it can be scanned. After the email is scanned, if it is deemed safe, then it is returned from the hidden folder to the user's mailbox.

    This setting is only available for Microsoft 365.

    disable

    notify-method {api | smtp}

    Notification email templates on FortiMail can include a customizable subject line and sender email address in the message header (From:). The Microsoft or Google cloud API, however, does not support customizing the sender address.

    Select how to send notifications, either:

    • api: Use the service API. Ignores any customized sender email address.

    • smtp: Use the built-in SMTP MTA on the FortiMail system.

    api
    push-notification-url-base <url_str>

    By default, the FortiMail FQDN that is the base for the webhook notification URL will use hostname <host_str> and local-domain-name <domain-name_str>.

    If you need to override this FQDN (for example, if private network DNS servers and public network DNS servers have different FQDNs for the FortiMail system), then enter the public FQDN that the service should use to reach the webhook.

    realtime-scan-log {all | on-policy-match}

    Select which FortiMail logs will include information about the email, either:

    • all

    • on-policy-match: Record the email in history, mail event, antivirus, and antispam logs.

    on-policy-match
    realtime-scan-status {enable | disable}

    Enable or disable the webhook where FortiMail will listen for email delivery notifications from the service in order to trigger real-time policy scans.

    disable

    service-endpoint {china | germany | global | us-dod | us-gov}

    Select either global or a specific data center region for the service endpoint.

    global

    system-quarantine-release-original {enable | disable}

    FortiMail systems can automatically use Microsoft 365 to store email (both original and modified copies) that is diverted to the system quarantine. All of the tenant, user, and message GUIDs are stored in the system quarantine. After the email is scanned, if it is deemed safe, it is released and re-delivered to the user.

    Enable to release quarantined email in its original format.

    Disable to release quarantined email as a notification email that has the original email inside an EML file attachment.

    This setting is only available for Microsoft 365.

    Tooltip

    If the email is released to other recipients, then FortiMail will behave as if this setting is disabled.

    enable

    Related topics

    cloud-api policy

    system disk-clear

    Previous
    Next

    cloud-api setting

    cloud-api setting

    Use this command to configure real-time scan settings.

    Syntax

    config cloud-api setting

    set realtime-scan-status {enable | disable}

    set service-endpoint {china | germany | global | us-dod | us-gov}

    set push-notification-url-base <url_str>

    set realtime-scan-log {all | on-policy-match}

    set hide-email-on-arrival {enable | disable}

    set system-quarantine-release-original {enable | disable}

    set notify-method {api | smtp}

    end

    Variable

    Description

    Default
    hide-email-on-arrival {enable | disable}

    Enable or disable moving email to a hidden folder upon arrival until the real-time scan completes.

    With real-time scanning, there is a risk that, during the usually small window of time between delivery and scan, that users could open email that should be blocked. This is more noticeable if an email contains large attachments. To mitigate this risk, you can configure FortiMail to automatically move delivered email to a hidden folder until it can be scanned. After the email is scanned, if it is deemed safe, then it is returned from the hidden folder to the user's mailbox.

    This setting is only available for Microsoft 365.

    disable

    notify-method {api | smtp}

    Notification email templates on FortiMail can include a customizable subject line and sender email address in the message header (From:). The Microsoft or Google cloud API, however, does not support customizing the sender address.

    Select how to send notifications, either:

    • api: Use the service API. Ignores any customized sender email address.

    • smtp: Use the built-in SMTP MTA on the FortiMail system.

    api
    push-notification-url-base <url_str>

    By default, the FortiMail FQDN that is the base for the webhook notification URL will use hostname <host_str> and local-domain-name <domain-name_str>.

    If you need to override this FQDN (for example, if private network DNS servers and public network DNS servers have different FQDNs for the FortiMail system), then enter the public FQDN that the service should use to reach the webhook.

    realtime-scan-log {all | on-policy-match}

    Select which FortiMail logs will include information about the email, either:

    • all

    • on-policy-match: Record the email in history, mail event, antivirus, and antispam logs.

    on-policy-match
    realtime-scan-status {enable | disable}

    Enable or disable the webhook where FortiMail will listen for email delivery notifications from the service in order to trigger real-time policy scans.

    disable

    service-endpoint {china | germany | global | us-dod | us-gov}

    Select either global or a specific data center region for the service endpoint.

    global

    system-quarantine-release-original {enable | disable}

    FortiMail systems can automatically use Microsoft 365 to store email (both original and modified copies) that is diverted to the system quarantine. All of the tenant, user, and message GUIDs are stored in the system quarantine. After the email is scanned, if it is deemed safe, it is released and re-delivered to the user.

    Enable to release quarantined email in its original format.

    Disable to release quarantined email as a notification email that has the original email inside an EML file attachment.

    This setting is only available for Microsoft 365.

    Tooltip

    If the email is released to other recipients, then FortiMail will behave as if this setting is disabled.

    enable

    Related topics

    cloud-api policy

    system disk-clear

    Previous
    Next