Fortinet FortiMail-100 - Example 1: Fortimail Unit in Front of an Email Server

Fortinet FortiMail-100

174 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Example 1: FortiMail unit in front of an email server Transparent mode deployment

FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide

122 Revision 2

http://docs.fortinet.com/ • Feedback

If you choose to add a private DNS server, to configure the FortiMail unit to use it, go to

System > Network > DNS in the advanced mode of the web-based manager.

Example 1: FortiMail unit in front of an email server

In this example, a FortiMail unit operating in transparent mode is positioned in front of one

email server.

Figure 46: Transparent mode deployment to protect an email server

The FortiMail unit has also been configured with an access control rule that allows local

and remote email users to send email to unprotected domains if they first authenticate:

To deploy the FortiMail unit in front of an email server, you must complete the following:

Table 7: Public vs. private DNS records when “Use MX Record” is enabled

Private DNS server Public DNS server

example.com IN MX 10

mail.example.com

example.com IN MX 10

mail.example.com

mail IN A 172.16.1.10 mail IN A 10.10.10.1

10 IN PTR fortimail.example.com 1 IN PTR fortimail.example.com

Note: This example assumes that the FortiMail unit is protecting a single email server. If

your FortiMail unit is protecting multiple email servers and they are not on the same subnet,

you must first remove some network interfaces from the bridge and configure static routes.

For an example of configuring out-of-bridge network interfaces, see “Removing the network

interfaces from the bridge” on page 133.

Sender Pattern *@example.com

Recipient Pattern *

Sender IP/Netmask 0.0.0.0/0

Reverse DNS

Pattern

*

Authentication

Status

authenticated

TLS < none >

Action RELAY

External

Email Server

Local Email Users

Internet

Transparent Mode

Remote Email Users

Router

port2

port1

Internal Email Server

172.16.1.10

Protected Domain:

@example.com

Email Domain:

@example.com

Public DNS Server

example.com IN MX 10 mail.example.com

mail IN A 10.10.10.1

Private DNS Server

example.com IN MX 10 mail.example.com

mail IN A 172.16.1.10

10.10.10.1

Table of Contents

Other manuals for Fortinet FortiMail-100

Quick Start Guide2 pages

Related product manuals

Preview: Fortinet FortiGate

Fortinet FortiGate

Preview: Fortinet FortiGate 70D

Fortinet FortiGate 70D

Preview: Fortinet FortiGate 60M

Fortinet FortiGate 60M

Preview: Fortinet FortiGate 300C

Fortinet FortiGate 300C

Fortinet FortiNDR 1000F

Preview: Fortinet FortiGate 1000D

Fortinet FortiGate 1000D

Preview: Fortinet FortiGate Series

Fortinet FortiGate Series

Preview: Fortinet FortiSandbox 1000F

Fortinet FortiSandbox 1000F

Preview: Fortinet FortiGate 90G Series

Fortinet FortiGate 90G Series

Preview: Fortinet FortiGate FortiGate-60

Fortinet FortiGate FortiGate-60

Preview: Fortinet FortiGate FortiGate-800

Fortinet FortiGate FortiGate-800

Fortinet FortiGate FortiGate-100