Concepts And Flow

How FortiMail processes email

FortiMail units receive email for defined email domains and control relay of email to other domains. Email passing through the FortiMail unit can be scanned for viruses and spam. Policies and profiles govern how the FortiMail unit scans email and what it does with email messages containing viruses or spam. For information about policies, see “Configuring policies” on page 453. For information about profiles, see “Configuring profiles” on page 482.

In addition to policies and profiles, other configured items, such as email domains, may affect how your FortiMail unit processes email.

Email domains

An email domain is a set of email accounts that reside on a particular email server. The email domain name is the portion of the user’s email address following the “@” symbol.

FortiMail units can be configured to protect email domains (referred to as “protected domains” in this Administration Guide) by defining policies and profiles to scan and relay email that is incoming to or outbound from protected domains.

If the FortiMail unit is operating in gateway mode or transparent mode, there is one local email domain that represents the FortiMail unit itself. If the FortiMail unit is operating in server mode, protected domains reside locally on the FortiMail unit’s built-in email server.

For information about creating protected domains, see “Configuring protected domains” on page 380.

In transparent mode, each network interface includes a proxy and/or implicit MTA that receives and relays email. By default, the proxy/implicit MTA responds to SMTP greetings (HELO/EHLO) using the host name of the SMTP server of the protected domain. For information about configuring the proxies, see “Configuring proxies (transparent mode only)” on page 414. For information on configuring the SMTP greeting, see “Configuring protected domains” on page 380.

Access control rules

The access control rules allow you to control how email messages move to, from, and through the FortiMail unit. Using access control rules, the FortiMail unit can analyze email messages and take action based on the result. Messages can be examined according to the sender email address, recipient email address, and the IP address or host name of the system delivering the email message.

Each access control rule specifies an action to be taken for matching email.

For information about configuring access control rules, see “Configuring access control rules” on page 456.

Recipient address verification

Recipient address verification ensures that the FortiMail unit rejects email with invalid recipients and does not scan or send them to the protected email server. This verification can reduce the load on the FortiMail unit when a spammer tries to send messages to every possible recipient name on the email server.

If you want to use recipient address verification, you need to verify email recipient addresses by using either the email server or an LDAP server.

Usually you can use the email server to perform address verification. This works with most email servers that return a “User unknown” response to invalid addresses.
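Server-based verification depends on the back-end refusing unknown mailboxes. The following added example (not FortiMail code or part of the Administration Guide) classifies RCPT TO replies and checks whether a server distinguishes invalid recipients at all. The back-end functions, addresses and reply strings are constructed samples, and `server_can_verify` is a hypothetical helper name.

```python
import re
import uuid

# SMTP reply line: 3-digit code, then an optional enhanced status code (RFC 3463).
REPLY_RE = re.compile(r"^(\d{3})[ -](?:(\d\.\d{1,3}\.\d{1,3}) )?")

def classify_rcpt_reply(line):
    """Map one RCPT TO reply line to valid / invalid / tempfail / unverifiable."""
    m = REPLY_RE.match(line.strip())
    if not m:
        return "unverifiable"
    code, enhanced = m.groups()
    if code in ("250", "251"):
        return "valid"
    if code.startswith("4"):
        return "tempfail"  # transient failure: says nothing about the mailbox
    # 5.1.x is an addressing failure ("User unknown"); 5.7.x is a policy refusal
    # and must not be treated as proof that the recipient does not exist.
    if code in ("550", "551", "553") and (enhanced is None or enhanced.startswith("5.1.")):
        return "invalid"
    return "unverifiable"

def server_can_verify(rcpt_probe, domain):
    """rcpt_probe(address) returns the server's reply line (hypothetical callable).

    True only if a made-up mailbox is refused as unknown. A server that accepts
    every recipient cannot be used for verification; LDAP is the alternative.
    """
    bogus = "no-such-user-%s@%s" % (uuid.uuid4().hex[:12], domain)
    return classify_rcpt_reply(rcpt_probe(bogus)) == "invalid"

# Constructed back-ends standing in for real servers so the example runs offline.
def strict_backend(addr):
    known = {"alice@example.com"}
    if addr in known:
        return "250 2.1.5 Ok"
    return "550 5.1.1 <%s>: User unknown" % addr

def catch_all_backend(addr):
    return "250 2.1.5 Ok"

def deferring_backend(addr):
    return "451 4.7.1 Try again later"

if __name__ == "__main__":
    for name, fn in [("strict", strict_backend), ("catch-all", catch_all_backend),
                     ("deferring", deferring_backend)]:
        print(name, "->", server_can_verify(fn, "example.com"))
```
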

For instructions on configuring recipient address verification, see “Configuring protected domains” on page 380.

Disclaimer messages and customized appearance

You can customize both the disclaimer and replacement messages, as well as the appearance of the FortiMail unit interface.

The disclaimer message is attached to all email, generally warning the recipient that the contents may be confidential. See “Configuring global disclaimers” on page 374.

Replacement messages are messages recipients receive instead of their email. These can include warnings about messages sent and incoming messages that are spam or infected with a virus. See “Customizing replacement messages” on page 279.

You can customize the appearance of the FortiMail unit web pages visible to mail administrators to better match a company look and feel. See “Customizing the GUI appearance” on page 276.

Advanced delivery features

Processing email takes time. That can cause delays that result in client and server timeouts. To reduce this problem, you can:

  • defer delivery to process oversized email at a time when traffic is expected to be light
  • send delivery status notifications (DSN)

For detailed information, see “Configuring mail server settings” on page 366.

Antispam techniques

Spam detection is a key feature of the FortiMail unit. The feature is based on two tiers of spam defense:

  • FortiMail antispam techniques
  • FortiGuard Antispam service

Each tier plays an important role in separating spam from legitimate email. FortiGuard Antispam delivers a highly-tuned managed service for the classification of spam while the FortiMail unit offers superior antispam detection and control technologies.

In addition to scanning incoming email messages, FortiMail units can also inspect the content of outgoing email messages. This can help eliminate the possibility that an employee or a compromised computer could send spam, resulting in the blacklisting of your organization’s email servers.

For more information on FortiMail antispam techniques, see “Configuring profiles” on page 482 and “Configuring antispam settings” on page 601.


About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
