This article describes why the alert mail debug log never shows 'send mail success' when the Office 365 mail server is used.
Scope
FortiGate v7.0.
Solution
Comparison with the result of the default setting (FortiGuard server).
Alert mail works as expected with the default settings below:
Fortigate# get system email-server
type : custom
reply-to :
server : notification.fortinet.net
port : 465
source-ip : 0.0.0.0
source-ip6 : ::
authenticate : disable
validate-server : disable
security : smtps
ssl-min-proto-version: default
interface-select-method: auto
After the Office 365 mail server is configured as below, the FortiGate never gets a correct response:
config system email-server
    set reply-to "[email protected]"
    set server "smtp.office365.com"
    set port 587
    set authenticate enable
    set username "[email protected]"
    set password ENC uN/
    set security starttls
end
The debug log shows that the mail server returns response code 554:
diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug application alertmail -1
2024-05-03 16:32:09 session: 0x8d64e90, rsp_state: data2, code: 554 <----- Means mail server did not accept the email.
2024-05-03 16:32:09 details: SendAsDenied; [email protected] not allowed to send as [email protected]; <-----
STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message
The error message reports an invalid sender for the SMTP server: Office 365 only allows specific sender names.
After the alertmail setting is modified as below, alert mail works as expected:
config alertemail setting
    set username "[email protected]" <----- Modify it to [email protected].
    set mailto1 "[email protected]"
    set mailto2 "[email protected]"
    set HA-logs enable
    set antivirus-logs enable
    set configuration-changes-logs enable
end
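To check a saved alertmail debug capture for this condition, the following added example (not part of the original article and not Fortinet code) pairs each 554 response with its SendAsDenied detail line and reports both addresses. The function name, the sample addresses and the reading of the first address as the authenticated account and the second as the rejected sender are assumptions.

```python
import re

# Constructed sample in the format of the alertmail debug output shown above;
# the addresses are placeholders, not values from the article.
SAMPLE_LOG = """\
2024-05-03 16:32:09 session: 0x8d64e90, rsp_state: data2, code: 554
2024-05-03 16:32:09 details: SendAsDenied; fgt-alerts@example.com not allowed to send as firewall@example.com; STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message
"""

# SMTP response line written by the alertmail daemon.
RSP_RE = re.compile(
    r"session: (?P<session>0x[0-9a-f]+), rsp_state: (?P<state>\w+), code: (?P<code>\d{3})"
)
# Detail line returned by the mail server for a sender it refuses.
# Assumption: first address = authenticated account, second = sender used.
SEND_AS_RE = re.compile(
    r"details: SendAsDenied; (?P<account>\S+) not allowed to send as (?P<sender>[^;\s]+);"
)

def find_send_as_denied(log_text):
    """Return one finding per 554 response followed by a SendAsDenied detail line."""
    findings = []
    pending = None  # last 554 response seen, waiting for its details line
    for line in log_text.splitlines():
        rsp = RSP_RE.search(line)
        if rsp:
            # Any other response code clears the pending state.
            pending = rsp.groupdict() if rsp["code"] == "554" else None
            continue
        denied = SEND_AS_RE.search(line)
        if denied and pending:
            findings.append({
                "session": pending["session"],
                "rsp_state": pending["state"],
                "authenticated_account": denied["account"],
                "rejected_sender": denied["sender"],
            })
            pending = None
    return findings

if __name__ == "__main__":
    for f in find_send_as_denied(SAMPLE_LOG):
        print(f"session {f['session']}: 554 at {f['rsp_state']}; "
              f"sender {f['rejected_sender']} rejected, "
              f"authenticated as {f['authenticated_account']}")
```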