Testing The Installation

Testing the installation

After completing the installation, test it by sending email between legitimate SMTP clients and servers at various points within your network topology.

If the FortiMail unit is operating in gateway mode or transparent mode, you may also wish to test access of email users to their per-recipient quarantined email.

If the FortiMail unit is operating in server mode, you may also wish to test access to FortiMail webmail, POP3, and/or IMAP.

Figure 59:Connection test paths (gateway mode)

Private                                                                                                       Public DNS Server

Gateway Mode

DNS Server

Figure 60:Connection test paths (transparent mode)

Figure 61:Connection test paths (server mode)

To verify all SMTP connections to and from your FortiMail unit, consider both internal and external recipient email addresses, as well as all possible internal and external SMTP clients and servers that will interact with your FortiMail unit, and send email messages that test the connections both to and from each of those clients and servers. For example:

  1. Using an SMTP client on the local network whose MTA is the FortiMail unit or protected email server, send an email from an internal sender to an internal
  2. Using an SMTP client on the local network whose MTA is the FortiMail unit or protected email server, send an email from an internal sender to an external
  3. Send an email from an external sender to an internal
  4. If you have remote SMTP clients such as mobile users or branch office SMTP servers, using an SMTP client on the remote network whose MTA is the FortiMail unit or protected email server, send an email from an internal sender to an internal
  5. If you have remote SMTP clients such as mobile users or branch office SMTP servers, using an SMTP client on the remote network whose MTA is the FortiMail unit or protected email server, send an email from an internal sender to an external

If you cannot connect, receive error messages while establishing the connection, or the recipient does not receive the email message, verify your configuration, especially:

  • routing and policy configuration of intermediary NAT devices such as firewalls or routers
  • connectivity of the FortiMail unit with the Fortinet Distribution Network (FDN)
  • external email servers’ connectivity with and the configuration of the public DNS server that hosts the MX records, A records, and reverse DNS records for your domain names
  • the FortiMail unit’s connectivity with and the configuration of the local private DNS server (if any) that caches records for external domain names and, if the Use MX record option is enabled, hosts private MX records that refer to your protected email servers
  • access control rules on your FortiMail unit
  • configuration of MUAs, including the IP address/domain name of the SMTP and POP3/IMAP server, authentication, and encryption (such as SSL or TLS)

For information on tools that you can use to troubleshoot, see “Troubleshooting tools” on page 161.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Leave a Reply

Name *
Email *
Website