cloud-api setting
Use this command to configure real-time scan settings.
If you will use real-time scans, then the Microsoft or Google service must also be able to connect to the FortiMail system to notify it when email arrives. This requires that FortiMail has a:
- Hostname that is publicly DNS-resolvable and globally reachable
- Firewall policies that allow inbound connections
- Valid CA-signed certificate with a Common Name (CN) or Subject Alternative Name (SAN) that matches the FortiMail hostname (use the administrative GUI to upload the local certificate that FortiMail will present to identify itself)
- Base URL to receive webhook notifications from Microsoft 365, Microsoft Exchange, or Google Workspace (push-notification-url-base <url_str>)
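The DNS and certificate prerequisites above can be checked before real-time scanning is enabled. The Python below is an added example, not part of the FortiMail documentation. The function names and the port 443 default are assumptions, and check_live is only meaningful when run from a host outside the network that uses public DNS.

```python
import ipaddress
import socket
import ssl


def non_public(addresses):
    """Addresses that are not globally routable (RFC 1918, loopback, link-local...)."""
    return [a for a in addresses if not ipaddress.ip_address(a).is_global]


def names_in_cert(cert):
    """DNS names from a getpeercert() dict: SAN entries, else the subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def covers(hostname, pattern):
    """Exact match, or a wildcard standing in for the left-most label only."""
    host, pat = hostname.lower().rstrip("."), pattern.lower().rstrip(".")
    if pat.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pat[2:]
    return host == pat


def find_problems(hostname, addresses, cert):
    """Return a list of prerequisite failures; an empty list means both checks pass."""
    problems = [f"{a} is not globally reachable" for a in non_public(addresses)]
    if not addresses:
        problems.append(f"{hostname} did not resolve")
    if not any(covers(hostname, n) for n in names_in_cert(cert)):
        problems.append(f"certificate has no CN/SAN matching {hostname}")
    return problems


def check_live(hostname, port=443):  # port 443 is an assumption, not from the page
    """Resolve and handshake for real; run from outside, using public DNS."""
    infos = socket.getaddrinfo(hostname, port, proto=socket.IPPROTO_TCP)
    addresses = sorted({info[4][0] for info in infos})
    ctx = ssl.create_default_context()  # system CA store, so self-signed certs fail
    try:
        with socket.create_connection((hostname, port), timeout=10) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                cert = tls.getpeercert()
    except ssl.SSLCertVerificationError as exc:
        return [f"certificate rejected: {exc.verify_message}"]
    return find_problems(hostname, addresses, cert)
```

An empty list from check_live means the hostname resolved only to public addresses and the certificate chained to a trusted CA and matched the name. It does not test the firewall policy beyond the single TCP connection it makes.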
Syntax
config cloud-api setting
set realtime-scan-status {enable | disable}
set service-endpoint {china | germany | global | us-dod | us-gov}
set push-notification-url-base <url_str>
set realtime-scan-log {all | on-policy-match}
set hide-email-on-arrival {enable | disable}
set system-quarantine-release-original {enable | disable}
set notify-method {api | smtp}
end
| Variable | Description | Default |
| --- | --- | --- |
| hide-email-on-arrival {enable \| disable} | Enable or disable moving email to a hidden folder upon arrival until the real-time scan completes. With real-time scanning, there is a risk that, during the usually small window of time between delivery and scan, users could open email that should be blocked. This is more noticeable if an email contains large attachments. To mitigate this risk, you can configure FortiMail to automatically move delivered email to a hidden folder until it can be scanned. After the email is scanned, if it is deemed safe, then it is returned from the hidden folder to the user's mailbox. This setting is only available for Microsoft 365. | disable |
| notify-method {api \| smtp} | Notification email templates on FortiMail can include a customizable subject line and sender email address in the message header (From:). The Microsoft or Google cloud API, however, does not support customizing the sender address. Select how to send notifications, either: | api |
| push-notification-url-base <url_str> | By default, the FortiMail FQDN that is the base for the webhook notification URL will use If you need to override this FQDN (for example, if private network DNS servers and public network DNS servers have different FQDNs for the FortiMail system), then enter the public FQDN that the service should use to reach the webhook on FortiMail. | |
| realtime-scan-log {all \| on-policy-match} | Select which FortiMail logs will include information about the email, either: | on-policy-match |
| realtime-scan-status {enable \| disable} | Enable or disable the webhook where FortiMail will listen for email delivery notifications from the service in order to trigger real-time policy scans. This setting is used only if | disable |
| service-endpoint {china \| germany \| global \| us-dod \| us-gov} | Select either | global |
| system-quarantine-release-original {enable \| disable} | FortiMail systems can automatically use Microsoft 365 to store email (both original and modified copies) that is diverted to the system quarantine. All of the tenant, user, and message GUIDs are stored in the system quarantine. After the email is scanned, if it is deemed safe, it is released and re-delivered to the user. Enable to release quarantined email in its original format. Disable to release quarantined email as a notification email that has the original email inside an EML file attachment. This setting is only available for Microsoft 365. | enable |