Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    7.6.2
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.5

    Resolved issues

    Resolved issues

    The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

    Antispam/antivirus

    Bug ID

    Description

    1098766

    Messages with URLs redirecting to phishing sites cannot be caught.

    1094034

    In some cases, DMARC check won't fail although DMARC alignment fails.

    1086798

    In some cases, legitimate email may be caught as spam due to QR code check failure.

    1100219

    Not all URLs in the email are sent to FortiSandbox.

    1111258

    Match all condition "Body is Empty" and "Empty subject regex" in the DLP profile is not triggered.

    1115693

    When creating a scheduled scan in the MS365 API view, the advanced condition is ignored.

    1115188

    After upgrading to FortiMail 7.6.0/7.6.1 release, CDR mistakenly inserted download link of the original file.

    1119272

    PDF attachments are not detected by the content filter when regular expressions are used to match URLs in PDFs.

    1119624

    Content filter fails to detect regular expression/pattern matches in PDF archives.

    System

    Bug ID

    Description

    1090327

    DMARC report will not be generated when RUA mailto domain doesn't match the sender domain.

    1069702

    FortiMail broadcasts with destination port 8014.

    1088864

    In HA mode, SAML SSO is synchronized from the primary to secondary unit, causing login failures on the secondary unit.

    1066090

    SNMP traps cannot be sent for the deferred mail queue threshold.

    1087752

    In active-active HA mode, SNMP OIDs show the wrong HA roles.

    1094863

    Failure to add internal domain for alert email due to strict domain checking

    1098759

    Address book disappeared after upgrading to FortiMail 7.6.0/7.6.1 release.

    1100041

    Failure to release or delete email using quarantine reports in Gmail.

    1082373

    High CPU usage and increasing FortiSandbox mail queue.

    1103297

    Failure to add new users in some cases.

    1082843

    After upgrading to FortiMail 7.6.1 release, the smtpd server may terminate when there is an antivirus DB update going on.

    1104413

    High CPU usage caused by mailfilterd .

    1107735

    Failure to release system quarantined email.

    1111271

    		 Dictionary profile names remain after restoring an older config not containing the profiles.

    1107717

    "remote_wildcard" administrator is able to create administrator accounts but unable to delete them.

    1076001

    Some SSH key exchange algorithms should be removed when strong crypto is enabled.

    Logs and reports

    Bug ID

    Description

    1078550

    Quarantine report is garbled when special characters are used in the email subject and "remove-active-content" is enabled.

    1079025

    In some cases, the log search task does not work properly.

    1105759

    Log message "timed out checking block safe lists" is misleading.

    1114308

    Domain access level log view does not work as expected for administrator accounts.

    Administrator GUI/webmail

    Bug ID

    Description

    1086810

    In some cases, IBE password reset/reactivation URL does not work.

    1069966

    Unauthorized FortiMail units are displayed as FortiVoice in the FortiGate Security Fabric.

    1075043

    Support Ukrainian alphabet ordering.

    1086806

    Threat feed malware hash files are not read correctly.

    1097114

    Multiple logins are required to access IBE email.

    1101465

    In some cases, HTML mail content cannot be displayed properly.

    1110158

    After upgrading to FortiMail 7.6.1, an error message "Invalid E-Mail Address" appears when sending email using an address book contact in FortiMail webmail.

    1115801

    Webmail session timeout does not respect the idle timeout setting.

    1089762

    Scheduled reports are delivered later than expected.

    Common Vulnerabilities and Exposures

    FortiMail 7.6.2 is no longer vulnerable to the following CVE/CWE-References.

    Visit https://fortiguard.com/psirt for more information.

    Bug ID

    Description
    1081109 CWE-400: Uncontrolled Resource Consumption
    1092958 CWE-23: Relative Path Traversal
    Previous
    Next

    Resolved issues

    Resolved issues

    The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

    Antispam/antivirus

    Bug ID

    Description

    1098766

    Messages with URLs redirecting to phishing sites cannot be caught.

    1094034

    In some cases, DMARC check won't fail although DMARC alignment fails.

    1086798

    In some cases, legitimate email may be caught as spam due to QR code check failure.

    1100219

    Not all URLs in the email are sent to FortiSandbox.

    1111258

    Match all condition "Body is Empty" and "Empty subject regex" in the DLP profile is not triggered.

    1115693

    When creating a scheduled scan in the MS365 API view, the advanced condition is ignored.

    1115188

    After upgrading to FortiMail 7.6.0/7.6.1 release, CDR mistakenly inserted download link of the original file.

    1119272

    PDF attachments are not detected by the content filter when regular expressions are used to match URLs in PDFs.

    1119624

    Content filter fails to detect regular expression/pattern matches in PDF archives.

    System

    Bug ID

    Description

    1090327

    DMARC report will not be generated when RUA mailto domain doesn't match the sender domain.

    1069702

    FortiMail broadcasts with destination port 8014.

    1088864

    In HA mode, SAML SSO is synchronized from the primary to secondary unit, causing login failures on the secondary unit.

    1066090

    SNMP traps cannot be sent for the deferred mail queue threshold.

    1087752

    In active-active HA mode, SNMP OIDs show the wrong HA roles.

    1094863

    Failure to add internal domain for alert email due to strict domain checking

    1098759

    Address book disappeared after upgrading to FortiMail 7.6.0/7.6.1 release.

    1100041

    Failure to release or delete email using quarantine reports in Gmail.

    1082373

    High CPU usage and increasing FortiSandbox mail queue.

    1103297

    Failure to add new users in some cases.

    1082843

    After upgrading to FortiMail 7.6.1 release, the smtpd server may terminate when there is an antivirus DB update going on.

    1104413

    High CPU usage caused by mailfilterd .

    1107735

    Failure to release system quarantined email.

    1111271

    		 Dictionary profile names remain after restoring an older config not containing the profiles.

    1107717

    "remote_wildcard" administrator is able to create administrator accounts but unable to delete them.

    1076001

    Some SSH key exchange algorithms should be removed when strong crypto is enabled.

    Logs and reports

    Bug ID

    Description

    1078550

    Quarantine report is garbled when special characters are used in the email subject and "remove-active-content" is enabled.

    1079025

    In some cases, the log search task does not work properly.

    1105759

    Log message "timed out checking block safe lists" is misleading.

    1114308

    Domain access level log view does not work as expected for administrator accounts.

    Administrator GUI/webmail

    Bug ID

    Description

    1086810

    In some cases, IBE password reset/reactivation URL does not work.

    1069966

    Unauthorized FortiMail units are displayed as FortiVoice in the FortiGate Security Fabric.

    1075043

    Support Ukrainian alphabet ordering.

    1086806

    Threat feed malware hash files are not read correctly.

    1097114

    Multiple logins are required to access IBE email.

    1101465

    In some cases, HTML mail content cannot be displayed properly.

    1110158

    After upgrading to FortiMail 7.6.1, an error message "Invalid E-Mail Address" appears when sending email using an address book contact in FortiMail webmail.

    1115801

    Webmail session timeout does not respect the idle timeout setting.

    1089762

    Scheduled reports are delivered later than expected.

    Common Vulnerabilities and Exposures

    FortiMail 7.6.2 is no longer vulnerable to the following CVE/CWE-References.

    Visit https://fortiguard.com/psirt for more information.

    Bug ID

    Description
    1081109 CWE-400: Uncontrolled Resource Consumption
    1092958 CWE-23: Relative Path Traversal
    Previous
    Next