Embedded URLs in PDF attachments were not detected.

EMF files were incorrectly detected as application/zip.

Wrong MIME type detection.

JPEG image files were incorrectly detected as RAR files.

When sender address rate control reached the limit and some email are in the FortiSandbox queue, FortiMail received No Result from FortiSandbox.

Replacement message action in the content profile action did not work properly.

SPF checks failed if there were unknown modifiers.

Decompressed large files were not scanned or sent to quarantine.

Content type was changed although Deliver to original host was set to Unmodified copy.

URLs in invisible HTML text were not scanned.

Antispam IP reputation did not work after FortiSandbox was disabled.

More variables were needed in the password protected attachment notification email template.

Password-protected XLS spreadsheet files were not be decrypted.

XLSX files inside of a winmail.dat file were incorrectly detected as XLS files.

Split QR codes in PDF files were not detected.

When the FortiSandbox timeout was reached, URL click protection returned an error message instead of allowing the URL according to the FortiSandbox timeout setting.

After an upgrade from FortiMail 7.6.3 to 7.6.4, if re-scan upon quarantine release was enabled, email in personal quarantines could not be release.

Color-coded URLs changed the URL format or category.

DMARC failure occurred for some valid senders.

Threat feed for a resource URL did not work properly.

URI redirect lookup did not work properly.

Content action in policy matches should have been classified as Not spam instead of Spam.

Password-protected attachment notifications should have appeared at the top of the email, not the bottom.

URLs with hyphens in PDF attachments were not parsed properly.

When the concurrent sessions were high, URI click protection did not work properly.

CDR did not work properly with some Microsoft Word files.

PDF QR code check should not have extracted embedded files.

ZIP files containing BAT files were not detected by the content filter.

Missing header "From:" value.

Error messages occurred when clicking the encrypted email notification link if the email had been filtered by other security solutions.

If there were multiple long recipient addresses, then the X-FEAS-BEC-Info: message header was longer than 998 characters and not folded, which violates RFC 5322 section 2.1.1.

When there were multiple recipients and multiple matching policies, some recipients may not have received the email.

Email was dropped when there was an issue with the NAS server.

In some cases, email could not be sent. The error message was:

timeout before data read, where=eom

Email delivery failed due to a DNS TXT record limit.

After an upgrade to FortiMail 7.6.3, the HA group was out of synchronization.

High CPU usage was caused by DLP profiles.

Legitimate email was caught by intelligent analysis.

In some cases, while in HA mode, a block list entry could be missing

When FIPS-CC mode is enabled, LDAPS must disable the use of algorithms and TLS versions that are not FIPS-approved and certified.

When FIPS-CC mode is enabled, IBE, S/MIME, and SNMPv3 must disable the use of algorithms that are not FIPS approved and certified..

Some disclaimer variables did not work properly.

After an upgrade from FortiMail 7.4.3 to 7.6.3, the system crashed intermittently. The error message was:

Failed to boot default entries.

Calendar sharing did not work for Microsoft Outlook.

High CPU usage occurred in some cases.

Changing banned words or dictionary profiles did not work properly.

On a primary unit in an HA group, quarantine search has intermittent issues.

Quarantine search took an abnormally long time.

Unable to remove DKIM selectors with underscores.

The most recently installed CA certificate was not effective in the CA chain.

In active-active HA mode, personal block/safe lists created during HA down time were not synchronized after HA was restored.

In some cases, quarantine release notification confirmation did not show the password input field.

An OFTP connection with FortiAnalyzer 7.4.8 requires the correct certificate option.

STARTTLS was not initiated for authentication in relay host tests under System > Mail Setting . Relay Host List.

After an upgrade from FortiMail 7.6.4 to 7.6.5 interim release, the HA group was out of sync.

High CPU usage was caused by the PDF scan.

High CPU usage was caused by text extraction from images in the PDF scan.

After an upgrade from FortiMail 7.6.3 to 7.6.4, after the command chattr sync-disable, active-passive HA synchronization had issues.

High CPU usage occurred on FML-900F models

High CPU usage was caused by large files in the PDF scan.

High CPU usage was caused by regular expressions in the DLP scan.

After an upgrade to FortiMail 7.6.0 or 7.6.1, address books disappeared.

Unable to add line break/carriage return in replacement messages.

Log reports with a comma in their name could not be generated or deleted.

After an uprade to FortiMail 7.6.4, regular expression errors were logged on every SSH login.

In antispam logs, the error message database error executing could appear.

File names were not displayed correctly in logs.

Updated the JQuery-UI version.

Under Security > URL Filter > Profile, the total number of references did not display correctly.

In ForitMail webmail, encrypted email for Zoom session links was replaced with ICS file attachments.

Character T and Z appear in FortiMail clawback timestamp for the personal quarantine report email template.

In some cases, personal quarantine search did not work properly.

CWE-358: Improperly Implemented Security Check for Standard

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-358: Improperly Implemented Security Check for Standard

CWE-472: External Control of Assumed-Immutable Web Parameter

CWE-358: Improperly Implemented Security Check for Standard