Scribd
Upload
74 views

Deploying FortiMail Server Mode

This document provides instructions for deploying FortiMail in server mode to function as a mail server. It outlines steps for enabling server mode in the web interface, configuring DNS records and firewall policies, adding email user accounts, and configuring mail user agents. Testing the installation by sending an email is also recommended. The key steps are enabling server mode, configuring DNS records, adding user accounts, and configuring mail clients to use the FortiMail server.

Uploaded by

Simina Spiridon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
74 views

Deploying FortiMail Server Mode

This document provides instructions for deploying FortiMail in server mode to function as a mail server. It outlines steps for enabling server mode in the web interface, configuring DNS records and firewall policies, adding email user accounts, and configuring mail user agents. Testing the installation by sending an email is also recommended. The key steps are enabling server mode, configuring DNS records, adding user accounts, and configuring mail clients to use the FortiMail server.

Uploaded by

Simina Spiridon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Deploying FortiMail Server Mode

FortiMail can acts as a standalone SMTP mail server when running in server mode. This
recipe guides you through the process of setting up your FortiMail unit as a mail server.

Important: Many of these steps require your FortiMail web interface to be running in
advanced mode.

Accessing Server Mode


Before any advanced configuration, you must enable Server Mode in the FortiMail web
interface.

1. Ensure your computer’s IP address is on the same subnet as FortiMail’s default IP


address (192.168.1.99).
2. Access the FortiMail web interface. FortiMail port1’s default IP address is
192.168.1.99. To access FortiMail’s web UI, make sure your PC’s IP address is on the
same subnet as FortiMail (ex. 192.168.1.98). Access this URL from a web
browser: https://192.168.1.99/admin. The “/admin” portion of the URL is
important.
3. Enter “admin” for the user name. Leave the password blank.
4. Navigate to Monitor > System Status > Status and change the Operation Mode
dropdown menu to Server.

5. Select the Quick Start Wizard button and follow the onscreen instructions .

Configuring DNS Records


I n order for external MTAs to deliver email to the FortiMail unit, you must configure the
public MX record for each protected domain to indicate that the FortiMail unit is its
email server.

If your FortiMail unit will relay outgoing email, you should also configure the public
reverse DNS record. The public IP address of the FortiMail unit, or the virtual IP address
on a firewall or router that maps to the private IP address of the FortiMail unit, should
be globally resolvable into the FortiMail unit’s FQDN. If it is not, reverse DNS lookup s by
external SMTP servers will fail.

For example, if the public network IP address of the FortiMail unit is 10.10.10.1, a public
DNS server’s reverse DNS zone file for the 10.10.10.0/24 subnet might contain:

1 IN PTR fortimail.example.com.

where fortimail.example.com is the FQDN of the FortiMail unit.

Configuring Firewall Policies


You must configure the policies of your firewall to allow for traffic. For more
information on how to create firewall policies, see your firewall documentation .

Adding Email User Accounts


Create one email user account for each protected domain to verify connectivity for the
domain.

1. Navigate to User > User > User .


2. Select example.com from the Domain list.
3. Select New to add an email user.
4. Enter the user name of the email address that will be locally deliverable on the
FortiMail unit ([email protected]).
5. Enter your password for the account.
6. Enter the name of the user as it should appear in a MUA (Test User1).
7. Select Create for a new user or OK for an existing user.

Configuring MUAs to use FortiMail


Configure the email clients of local and remote email users to use the FortiMail unit as
their outgoing mail server (SMTP)/MTA. For local email users, this is the FortiMail IP
address (192.168.1.5), for remote email users, this is the virtual IP address on
the wan1 network interface of the FortiGate unit that maps to the FortiMail unit
(10.10.10.1) or fortimail.example.com.

Configure email clients to authenticate with the email user’s user name and password
for outgoing mail. The user name is the email user’s entire email address, including the
domain name portion, such as [email protected].

Testing the Installation


Send an email message by using the illustrated paths to test the installation.

You might also like