Server mode deployment Example 3: FortiMail unit in DMZ
FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide
Revision 2
http://docs.fortinet.com/
Configuring the MUAs
Configure the email clients of local and remote email users to use the FortiMail unit as
their outgoing mail server (SMTP)/MTA. For local email users, this is the virtual IP address
on the FortiGate unit that maps to the FortiMail unit, 172.16.1.2; for remote email users,
this is the public IP address of the FortiMail unit, 10.10.10.5 or fortimail.example.com.
If you do not configure the email clients to send email through the FortiMail unit, incoming
email can be scanned, but outgoing email cannot.
Also configure email clients to authenticate with the email user’s user name and password
for outgoing mail. The user name is the email user’s entire email address, including the
domain name portion, such as user1@example.com.
If you do not configure the email clients to authenticate, email destined for other email
users in the protected domain may be accepted, but email outgoing to unprotected
domains will be denied by the access control rule.
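A check of the behavior described above, as an added example that is not part of the original guide: it confirms that the FortiMail unit refuses an unauthenticated RCPT TO for an unprotected domain and accepts the same recipient after login with the full email address. Port 25, opportunistic STARTTLS and the recipient address are assumptions, and the function names are hypothetical.

```python
import smtplib

ACCEPTED = (250, 251)  # RCPT TO reply codes meaning "recipient accepted"

def rcpt_code(host, sender, rcpt, user=None, password=None,
              port=25, smtp_cls=smtplib.SMTP):
    """Return the reply code to RCPT TO. No message data is ever sent."""
    with smtp_cls(host, port, timeout=10) as s:
        s.ehlo()
        if s.has_extn("starttls"):   # assumption: use TLS when it is offered
            s.starttls()
            s.ehlo()
        if user:
            s.login(user, password)  # raises SMTPException on failure
        s.mail(sender)
        code, _ = s.rcpt(rcpt)
        s.rset()                     # abandon the transaction
        return code

def check_mua_settings(host, user, password, external_rcpt,
                       port=25, smtp_cls=smtplib.SMTP):
    """Return a list of problems; empty means the unit behaves as described."""
    if "@" not in user:
        return ["user name must be the entire email address, "
                "such as user1@example.com"]
    problems = []
    # Without authentication, mail to an unprotected domain must be denied.
    if rcpt_code(host, user, external_rcpt,
                 port=port, smtp_cls=smtp_cls) in ACCEPTED:
        problems.append("unauthenticated relay to %s was accepted" % external_rcpt)
    # With authentication, the same recipient must be accepted.
    try:
        code = rcpt_code(host, user, external_rcpt, user, password,
                         port, smtp_cls)
        if code not in ACCEPTED:
            problems.append("authenticated RCPT TO refused with %d" % code)
    except smtplib.SMTPException as exc:
        problems.append("authenticated login failed: %s" % exc)
    return problems
```

From a local client, call `check_mua_settings("172.16.1.2", "user1@example.com", password, "postmaster@example.net")`; `example.net` stands in for any unprotected domain.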
Testing the installation
Basic configuration is now complete, and the installation may be tested. For testing
instructions, see “Testing the installation” on page 159.
For information on configuring additional features, see the FortiMail Administration Guide.
Example 3: FortiMail unit in DMZ
In this example, a FortiMail unit is operating in server mode within the demilitarized zone
(DMZ), protected by a firewall but also separated from local email users’ computers by it.
Remote email users’ computers and external email servers are located on the Internet,
outside of the private network. The FortiMail unit hosts and protects accounts for email
addresses ending in “@example.com”.
Figure 52: Server mode deployment in a DMZ
[Network diagram. Labels: External Email Server, Local Email Users, Remote Email Users, Public DNS Server, Private DNS Server, Internet, Server Mode, Email Domain: @example.com]
Interface labels: dmz 192.168.1.1; wan1 10.10.10.1; port1 192.168.1.5; internal 172.16.1.1 (virtual IP: 172.16.1.2)
DNS records shown:
example.com IN MX 10 fortimail.example.com
fortimail IN A 10.10.10.1