Friday, October 10, 2025

Retrieving passwords from Fortigate

 https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-Recover-BGP-Password/ta-p/414414

 1. Copy ENC password from CLI

sh vpn ipsec phase1-interface test-vpn-tunnel
config vpn ipsec phase1-interface
    edit "test-vpn-tunnel"
        .....
        set psksecret ENC tP2sK9fIsnZfffZg9cG6u5hkyC/MUVXBsIcaOTJlH2cV4K89XjE86c98KyolJrmiWJsQqT12rK82a1o2EiUZFWrTxik8JQegsPVbIZvq2qIPfcNCifgQAco/NjuQ4f5PyIipJzS5tyWMbysWYsP4GTNlQ==
    next
end

 2. Create an SSID in Fortigate (enable WiFi Controller under System -> Feature Visibility) 

    2.1. Set Pre-shared Key -> Passphrase

    2.2 Edit in CLI & change the passphrase of the SSID to the BGP password copied from Step 1

config wireless-controller vap
    edit "TEST"
        set passphrase ENC <----- Encrypted BGP Password copied from Step 1.
    next
end

3. From FortiGate GUI, go to WiFi Controller -> SSID -> Edit SSID. On the 'Passphrase' parameter, select the 'eye' icon to reveal the password.

 This method is tested and confirmed working on Fortigate 7.0 for local users, RADIUS secrets and IPsec PSKs.

 

Another way of retrieving IPSec PSK password:  

Retrieving IPsec VPN PSK key from Fortigate 


 

 

 

Wednesday, October 08, 2025

iRedMail greylisting

 Disable greylisting for sender IP:
python3 greylisting_admin.py --disable --from '45.56.127.226'

To whitelist the IP addresses/networks of a mail domain, for example outlook.com and microsoft.com, run a command like the one below:
cd /opt/iredapd/tools/
python3 spf_to_greylist_whitelists.py outlook.com microsoft.com
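How a whitelist built from SPF records gets its networks, as an added example that is not iRedAPD's code: it expands the ip4/ip6, include and redirect terms of a domain's SPF policy over constructed TXT records. `SAMPLE_TXT`, `MAX_LOOKUPS` and `spf_networks` are hypothetical names, and the records are placeholders rather than real DNS data.

```python
import ipaddress

# Constructed TXT records standing in for live DNS answers (placeholder names).
SAMPLE_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.example.net -all",
    "_spf.example.net": "v=spf1 ip4:198.51.100.7 ip6:2001:db8::/32 "
                        "include:loop.example.org ~all",
    "loop.example.org": "v=spf1 include:example.com ip4:203.0.113.0/25 ?all",
}
MAX_LOOKUPS = 10  # RFC 7208 cap on DNS-querying terms per evaluation


def spf_networks(domain, txt=SAMPLE_TXT):
    """Return the ip4/ip6 networks that domain's SPF policy passes, as strings."""
    networks, seen, lookups = set(), set(), 0
    stack = [domain]
    while stack:
        name = stack.pop().lower().rstrip(".")
        if name in seen:
            continue  # include loop or repeated include: expand once
        seen.add(name)
        record = txt.get(name, "")
        if not record.lower().startswith("v=spf1"):
            continue  # no SPF policy published under this name
        for term in record.split()[1:]:
            if term[0] in "-~?":
                continue  # only pass-qualified mechanisms belong on a whitelist
            term = term.lstrip("+")
            if term.lower().startswith("redirect="):
                term = "include:" + term[len("redirect="):]  # follow it like an include
            key, _, value = term.partition(":")
            if key.lower() in ("ip4", "ip6") and value:
                networks.add(ipaddress.ip_network(value, strict=False))
            elif key.lower() == "include" and value:
                lookups += 1
                if lookups > MAX_LOOKUPS:
                    raise ValueError(f"{domain}: more than {MAX_LOOKUPS} SPF lookups")
                stack.append(value)
            # "a" and "mx" need A/MX lookups and are left out of this sketch
    ordered = sorted(networks,
                     key=lambda n: (n.version, int(n.network_address), n.prefixlen))
    return [str(n) for n in ordered]


if __name__ == "__main__":
    print(spf_networks("example.com"))
```

The result is every network the sending domain authorises, so reviewing it before whitelisting shows how much address space will bypass greylisting.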



Show and add server-wide whitelists or blacklists:

python3 wblist_admin.py --list --whitelist
python3 wblist_admin.py --list --blacklist

# Whitelist IP address, email address, entire domain, subdomain (including main domain)
python3 wblist_admin.py --add --whitelist 192.168.1.10 user@domain.com @iredmail.org @.example.com

# Blacklist IP address, email address, entire domain, subdomain (including main domain)
python3 wblist_admin.py --add --blacklist 202.96.134.133 bad-user@domain.com @bad-domain.com @.sub-domain.com

For per-user or per-domain whitelists and blacklists, use the --account option, for example:

python3 wblist_admin.py --account @mydomain.com --add --whitelist 192.168.1.10 user@example.com
python3 wblist_admin.py --account user@mydomain.com --add --blacklist 172.16.1.10 baduser@example.com

python3 wblist_admin.py --account @mydomain.com --list --whitelist
python3 wblist_admin.py --account user@mydomain.com --list --blacklist