Mail_Correo_2026

What does the Scan timeout value configure?. How long FortiMail will waitfor a scan result from FortiSandbox. How often the local scan results cache will expire on FortiMail. How often FortiMail will query FortiSandbox for a scan result. How long FortiMail will wait to send a file or URI to FortiSandbox.

Refer to the exhibit, which shows the Authentication Reputation list on a FortiMail device running in gateway mode. Why was the IP address blocked?. A. The IP address had consecutive SMTPS login failures to FortiMail.. B. The IP address had consecutive IMAP login failures to FortiMail. C. The IP address had consecutive administrative password failures to FortiMail. D. The IP address had consecutive SSH login failures to FortiMail.

Refer to the exhibits, which show an email archiving configuration (Email Archiving 1 and Email Archiving 2) from a FortiMail device. What two archiving actions will FortiMail take when email messages match these archive policies? (Choose two.). FortiMail will archive email sent from marketingexample. com. FortiMail will save archived email in the journal account. FortiMail will exempt spam email from archiving. FortiMail will allow only the marketingeexample.com account to access the archived email.

Refer to the exhibit which shows a topology diagram of a FortiMail cluster deployment. Which IP address must the DNS MX record for this organization resolve to?. 1172 16 32 57. 172.16.32.56. 172.16.32.55. 172.16.32.1.

Which license must you apply to a FortiMail device to enable the HA centralized monitoring features?. Cloud gateway license. Advanced Management and MSSP license. Office 365 protection license. Enterprise license.

Refer to the exhibits, which shows a DLP scan profile configuration (DLP Scan Rule 1 and DLP Scan Rule 2) from a FortiMail device. Which two message types will trigger this DLP scan rule? (Choose two.). An email that contains credit card numbers in the body, attachment, and subject will trigger this scan rule. An email sent from sales@internal. lac will trigger this scan rule, even without matching any conditions. An email message that contains credit card numbers in the body will trigger this scan rule. An email message with a subject that contains the term 'credit card" will trigger this scan rule.

Refer to the exhibit, which shows a partial antispam profile configuration. What will happen to an email that triggers Spam outbreak protection?. The email is logged. The email is rejected. The email is held in a deferred queue for a period of time. The email is marked as clean and released to the recipient.

Refer to the exhibits showing SMTP limits (Session Profile — SMTP Limits), and domain settings (Domain Settings, andDomain Settings — Other) of a FortiMail device Which message size limit in KB will the FortiMail apply to outbound email?. 204300. There is no message size limit for outbound email from a protected domain. 10240. 51200.

What are Two reasons for having reliable DNS servers configured on FortiMail? (Choose two.). Email transmission. Firmware updates. FortiGuard Connectivity. HA synchronization.

Which two FortiMail antispam techniques can you use to combat zero-day spam? (Choose two.). IP reputation. Spam outbreak protection. DNSBL. Behavior analysis.

In which two ways does a transparent mode FortiMail use the build-it MTA to process email? (Choose two. It can queue undeliverable messages and generate DSNs. The built-in MTA must connect to an external relay host to deliver email. MUAs must be configured to connect to the built-in MTA to send email. It ignores the destination set by the sender and uses its own MX record lookup.

Refer to the exhibit, which shows an antivirus action profile. What are two expected outcomes if FortiMail applies this antivirus action profile to an email? (Choose two.). Virus content will be removed from the email. The original email will be sent to the system quarantine. The sanitized email will be sent to the recipient's personal quarantine. A replacement message will be added to the email.

A mail user wants the ability to subscribe or publish to and from their FortiMail calendar using Thunderbird as their mail user agent (MUA). What information does this mail user need from their webmail User Preferences section?. Free busy URL. Service URLs. Secondary account configurations. Message tags.

A FortiMail is configured with the protected domain example.com. On this FortiMail, which two envelope addresses are considered incoming? (Choose two.). A. EMAIL FROM: nisGhosted.r.et RCPT 70: noceexampIe.com. MAIL FROM: supporteexample.com RCPT TO: marketing@example.com. MAIL FROM: accountsGexample.ccm RCPT TO: sales@external.org. MAIL FROM: training&external.crg RCPT TO: student30extersal.org.

Which SMTP command lists (he supported SMTP service extensions of the recipient MTA?. DATA. VRFY. EHLO. HELO.

A FortiMail device is configured with the protected domain example. com. It senders are not authenticated, which two envelope addresses will require an access receive rule? (Choose two.). MALL FROM: mis@hosted.r.et RCPTTO: noc@exampIe.com. MALL FROM: accounts@example.com RCPT TO: aales8biz.example.com. MALL FROM: support6example.org RCPT TO: marketing9exainple.com. MALL FROM: trainingeexample.com RCPT TO: students@external.org.

Reter to the exhibits. The exhibits display a topologydiagram of a FortiMail cluster (Topology) and the primary HA interface configuration of the Primary FortiMail (HA Interface Configuration) Which three actions are recommended when configuring the primary FortiMail HA interface? (Choose three.). In the Heartbeat status drop-down list, select Primary. In the Virtual IP action drop-down list, select Use. In the Virtual IP address field, type 172.16.32.55/24. In the Peer IP address field, type 172.16.32.57. Disable Enable port monitor.

Reter to the exhibit, which shows the IBE Encryption page of a FortiMail device. Which user account behavior can you expect from these IBE settings?. After initial registration. IBE users can access the secure portal without authenticating again for 90 days. Registered IBE users have 90 days from the time they receive a notification email message to access their IBE email. IBE user accounts will expire after 90 days of inactivity and must register again to access new IBE email message. First time IBE users must register to access their email within 90 days of receiving the notification email message.

What are two disadvantages of configuring the dictionary and DLP scan rule aggressiveness too high? (Choose two.). High aggressiveness scan settings do not support executable file types. It is more resource intensive. More false positives could be detected. FortiMail requires more disk space for the additional rules.

In which two places can the maximum email size be overridden on FortiMail? (Choose two.). IP Policy configuration. Protected Domain configuration. Resource Profile configuration. Session Profile configuration.

Refer to the exhibit, which shows the output of an email transmission using a telnet session.What are two correct observations about this SMTP session? (Choose two.). The SMTP envelope addresses are different from the message header addresses. The "Subject" is part of the message header. The"220 mx. internal, lab ESMTPSmtpd" message is part of the SMTP banner. The "250Message accepted for delivery" message is part ofthe message body.

While reviewing logs, an administrator discovers that an incoming email was processed using policy IDs0:4:9: INTERNAL. Which two statements describe what this policy ID means? (Choose two.). Access control policy number 9 was used. The FortiMail configuration is missing an access delivery rule. The email was processed using IP-based policy ID 4. FortiMail is applying the default behavior for relaying inbound email.

Refer to the exhibits, which show a topology diagram (Topology) and a configuration element (IP Policy). An administrator has enabled the sender reputation feature in the Example_Session profile on FML-1. After a few hours, the deferred queue on the mail server starts filling up with undeliverable email. Which two changes must theadministrator make to fix this issue? (Choose two.). Disable the exclusive flag in IP policy ID 1. Apply a session profile with sender reputation disabled on a separate IP policy for outbound sessions. Clear the sender reputation database using the CLI. Create an outbound recipient policy to bypass outbound email from session profile inspections.

Which statement about how impersonation analysis identifies spoofed email addresses is correct?. It uses behavior analysis to detect spoofed addresses. It uses DMARC validation to detect spoofed addresses. It maps the display name to the correct recipient email address. It uses SPF validation to detect spoofed addresses.

Refer to the exhibit, which displays the domain configuration of a FortiMail device running in transparent mode. Based on the exhibit, which two sessions are considered incoming sessions? (Choose two.). DESTINATIONIP:192.163.54.10 MAIL FROM: accour.t3@exaraple.com RCPT TO: saleseexamplc. com. BDESTINATION IP:10.25.32.15 MAIL FROM: trainir.g@example.com RCPT TO: students@external. com. DESTINATIONIP:172.16.32.56 MAIL FROM: misfihosted.net RCPT TO: noc9example.com. DESTINATION IP:172.16.32.56 MAIL FROM: support@example.com RCPT TO: marketingeaxampla.com.

When configuring a FortiMail HA group consisting of different models, which two statements are true? (Choose two.). The most powerful model must be configured as the primary unit. Group capacity is limited to the least powerful model. All units must have the same firmware. Configurations will not synchronize between different model types.

Refer to the exhibits, which show a topology diagram (Topology) and a configurationelement (Access Control Rule.) An administrator wants to configure an access receive rule to matchauthentication status on FML-1 for all outbound email from the example. co- domain Which two access receive rule settings must the administrator configure? (Choose two.). The Sender IP/netmask must be set to 10.29.1.0/24. A TLS profile must be configured and applied. The Recipient pattern must be set to *@example. com. The Authentication status must be set to Authenticated.

An organization has different groups of users with different needs in email functionality, such as address book access, mobile device access, email retention periods, and disk quotas. Which FortiMail feature specific to server mode can be used to accomplish this?. Domain-level service settings. Access profiles. Email group profiles. Resource profiles.

Refer to the exhibit, which shows the mail server settings of a FortiMail device. What are two ways this FortiMail device will handle connections? (Choose two.). FortiMail will support the STARTTLS extension. FortiMail will drop any inbound plaintext SMTP connection. FortiMail will accept SMTPS connections. FortiMail will enforce SMTPS on all outbound sessions.

Refer to the exhibit, which displays the Mail Settings page of a FortiMail device running in gateway mode. In addition to selecting Check External Domain in the MTA-STS service field, what else must an administrator do to enable MTA-STS?. Enable MTA-STS in the associated TLS profile. Enable SMTPUTF8 support in the mail server settings. Enable secure authentication in the associated SMTP authentication profile. Enable MTA-STS action in the appropriate inbound recipient policy.

While testing outbound MTA functionality, an administrator discovers that all outbound email is being processed using policy ID l: 2:0: SYSTEM. What are two possible reasons why the third policy ID value is o? (Choose two.). IP policy ID 2 has the exclusive flag set. There are no outgoing recipient policies configured. Outbound email is being rejected. There are no access delivery rules configured for outbound email.

Refer to the exhibit which shows annslookupoutput of MX records of theexample.comdomain Which two MTA selection behaviors for theexample.comdomain are correct? (Choose two.). mx.example.com will receive approximately twice the number of email as mx.hosted.com because of its preference value. The primary MTA for the example.com domain is mx.hosted.com. The external MTAs will send email to mx.example.com only if mx.hosted.com is unreachable. The PriNS server should receive all email for the example.com domain.

In which FortiMail configuration object can you assign an outbound session profile?. Outbound recipient policy. Inbound recipient policy. IP policy. Access delivery rule.

Which two antispam techniques query FortiGuard for rating information? (Choose two.). DNSBL. IP reputation. URL filter. SURBL.

Which two factorsare required for an active-active HA configuration of FortiMail in server mode? (Choose two.). Devices must be deployed behind a load balancer. Service monitoring must be configured for remote SMTP. A primary must be designated to initially process email. Mail data must be stored on a NAS server.

Which item is a supported one-time secure token for IBE authentication?. FortiToken. Certificate. SMS. Security question.

Refer to the exhibits, which display a topology diagram (Topology) and two FortiMail device configurations (FML1 ConfigurationandFML2 Configuration). What is the expected outcome of SMTP sessions sourced from FML1 and destined for FML2?. FML1 will fail to establish any connection with FML2. FML1 will attempt to establish an SMTPS session with FML2. but fail and revert to standard SMTP. FML1 will send the STARTTLS command in the SMTP session, which will be rejected by FML2. FML1 will successfully establish an SMTPS session with FML2.

Which two features are available when you enable HA centralized monitoring on FortiMail? (Choose two.). Policy configuration changes of all cluster members from the primary device. Mail statistics of all cluster members on the primary device. Cross-device log searches across all cluster members from the primary device. Firmware update of all cluster members from the primary device.

Refer to the exhibit, which displays an encryption profile configuration. What happens if the attachment size of an IBE email exceeds 1024 KB?. Pull delivery will be used. The email message will not be delivered. OTLS will be used. AES 256 will be used.

Refer to the exhibit, which shows a topology diagram of two MTAs. MTA-1 is delivering an email intended for User 1 to MTA-2. User 1 uses Outlook as an email client. Which two statements about protocol usage between these devices are correct? (Choose two. User 1 will use IMAP or POP3 to download the email message from MTA-2. MTA-2 will use IMAP to download the email message from MTA-1. MTA-1 will use SMTP to deliver the email message to MTA-2. MTA-1 will use POP3 to deliver the email message to User 1 directly.

Refer to the exhibit, which displays an access control rule. What are two expected behaviors for this access control rule? (Choose two.). Email must originate from an example. com email address. Senders must be authenticated to match this rule. Email matching this rule will be relayed. Emails must be sent from the 10.0.1.0/24 subnet.

A FortiMail administrator is concerned about cyber criminals attempting to get sensitive information from employees using whaling phishing attacks. What option can the administrator configure to prevent these types of attacks?. Impersonation analysis. Dictionary profile with predefined smart identifiers. Bounce tag verification. Content disarm and reconstruction.

Refer to the exhibit which displays a list of IBE users on a FortiMail device. Which statement describes the pre-registered status of the IBE userextuser2@external.lab?. The user has received an IBE notification email, but has not accessed the HTTPS URL or attachment yet. The user was registered by an administrator in anticipation of IBE participation. The user account has been de-activated, and the user must register again the next time they receive an IBE email. The user has completed the IBE registration process, but has not yet accessed their IBE email.

Refer to the exhibit, which shows an inbound recipient policy. After creating the policy shown in the exhibit, an administrator discovers that clients can send unauthenticated emails using SMTP. What must the administrator do to enforce authentication?. Move this incoming recipient policy to the top of the list. Configure a matching IP policy with the exclusive flag enabled. Configure an access delivery rule to enforce authentication. Configure an access receive rule toverifyauthentication status.

A FortiMail administrator is investigating a sudden increase in DSNs being delivered to their protected domain. After searching the logs, the administrator identifies that the DSNs werenotgenerated because of any outbound email sent from their organization Which FortiMail antispam technique can the administrator use to prevent this scenario?. FortiGuard IP Reputation. Spoofed header detection. Spam outbreak protection. Bounce address tag validation.

Refer to the exhibit, which shows a few lines of FortiMail logs. Based on these log entries, which two statements describe the operational status of this FortiMail device? (Choose two.). FortiMail is experiencing issues accepting the connection from the external. lab MTA. FortiMail is experiencing issues delivering the email to the internal. lab MTA. The FortiMail device is in server mode. The FortiMail device is in gateway or transparent mode.

Which three configuration steps must you set to enable DKIM signing for outbound messages on FortiMail? (Choose three.}. Generate a public/private key pair in the protected domain configuration. Enable the DKIM checker in a matching session profile. Publish the public key as a TXT record in a public DNS server. Enable the DKIM checker in a matching antispam profile. Enable DKIM signing for outgoing messages in a matching session profile.

Refer to the exhibit which displays a topology diagram. Which two statements describe the built-in bridge functionality on a transparent mode FortiMail? (Choose two.). Any bridge member interface can be removed from the bridge and configured as a routed interface. If port1. is required to process SMTP traffic, it must be configured as a routed interface. All bridge member interfaces belong to the same subnet as the management IP. The management IP is permanently tied to port1, and port1 cannot be removed from the bridge.

A FortiMail administrator is investigating a sudden increase in DSNs being delivered to their protected domain. After searching the logs, the administrator identities that the DSNs were not generated because of any outbound email sent from their organization. Which FortiMail antispam technique can the administrator enable to prevent this scenario?. Spoofed header detection. Spam outbreak protection. FortiGuard IP Reputation. Bounce address tag validation.

Refer to the exhibit which shows a command prompt output of a telnet command. Which configuration change must you make to prevent the banner from displaying the FortiMail serial number?. Change the host name. Add a protected domain. Configure a local domain name. Change the operation mode.

Refer to the exhibit, which shows a topology diagram of two separate email domains. Which two statements correctly describe how an email message is delivered from User A to User B? (Choose two.). mx.example1.org will forward the email message to the MX record that has the lowest preference. User B will retrieve the email message using either POP3 or IMAP. User A’s MUA will perform a DNS MX record lookup to send the email message. The DNS server will act as an intermediary MTA.

Refer to the exhibit, which displays a history log entry. In the Policy ID column, why isthe last policy ID value SYSTEM?. The email was dropped by a system blacklist. The email matched a system-level authentication policy. It is an inbound email. The email did not match a recipient-based policy.

Refer to the exhibit which shows a detailed history log view. Which two actions did FortiMail take on this email message? (Choose two.). FortJMail replaced the virus content with a message. FortiMail modified the subject of the email message. FortiMail forwarded the email to User 1 without scanning. FortiMail sent the email message to User 1's personal quarantine.