Best Practices and Fine Tuning

Performance tuning

  • Configure Recipient Address Verification (located in Mail Settings > Domains > Domains) with an SMTP or LDAP server. This is especially important when quarantining is enabled because of the potentially large amount of quarantined mail for invalid recipients.

Alternatively, enable Automatic Removal of Invalid Quarantine Accounts (located in Mail Settings > Domains > Domains) to delete invalid user quarantine directories daily at a configured time.

If quarantining is enabled and neither of these features are enabled, performance will suffer and could potentially cause the FortiMail unit to refuse SMTP connections if subject to extremely heavy mail traffic.

  • Enable greylisting (located in Profile > AntiSpam > AntiSpam) to reject many spam delivery attempts before more resource-intensive antispam scans are used to identify spam.
  • Apply spam throttling features by creating an IP-based policy (located in Policy > Policies > Policies) with a session profile (located in Profile > Session > Session). Sender reputation, session limiting, and error handling are particularly useful.
  • If FortiGuard is enabled in a antispam profile, also enable caching and Enable Black IP to query for the blacklist status of the IP addresses of all SMTP servers appearing in the Received: lines of header lines. Caching can be enabled in Maintenance > FortiGuard > AntiSpam. Enable Black IP to query for the blacklist status of the IP addresses of all SMTP servers appearing in the Received: lines of header lines. can be enabled in the antispam profile.
  • To reduce latency associated with DNS queries, use a DNS server on your local network.
  • If logs are stored on the FortiMail unit, set logging rotation size (located in Log and Report > Log Settings > Local Log Settings) to between 10 MB and 20 MB, and set the event logging level to warning or greater. Delete or back up old logs regularly to free storage space.
  • Regularly delete or backup old reports to reduce the number of reports on the local disk.
  • Regularly delete old and unwanted mail queue entries and quarantined mail.
  • Schedule resource-intensive and non-time-critical tasks, such as report generation and delivery of deferred oversize messages, to low-traffic periods.
  • Disable resource-intensive scans, such as the heuristic scan (located in Profile > AntiSpam > AntiSpam), when spam capture rate is otherwise satisfactory.
  • Consider enabling the Max message size to scan and Bypass scan on SMTP authentication in the Scan Conditions section of antispam profiles (located in Profile > AntiSpam > AntiSpam).
  • If possible, format the mail and log disks regularly to improve disk performance.

Back up logs and mail before formatting the hard disks. Formatting log disks deletes all log entries. Formatting mail disks with the execute formatmaildisk CLI command will result in the loss of all locally stored mail; execute formatmaildisk_backup will preserve it. These operations require a reboot when complete. For more information, see the FortiMail CLI Reference.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

One thought on “Best Practices and Fine Tuning

  1. Esther

    Hello:

    Is it possible to made a alert to notify me when sender exceeds some maximuns? For example when sender exceeds 500 mails/hour?

    Thanks

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.