Configuring mail servers
The Mail Server Settings tab lets you configure assorted settings that apply to the SMTP server and webmail server that are built into the FortiMail unit.
To configure mail server settings
- Go to Settings > Domains > Mail Server Settings.
A multisection dialog appears.
Figure 36:Mail server settings dialog
- Click the down-arrows beside each section title and configure the following:
| Local Host | Configure the local host and SMTP settings. See “Configuring the local host” on page 140. |
| Relay Server | Configure the relay server. See “Configuring the relay server and policy for oversized messages” on page 141. |
| Deferred oversize message delivery | Specify how to handle oversized messages. See “Configuring the relay server and policy for oversized messages” on page 141. |
| DSN | Specify if and how to manage delivery service notifications. See “Configuring the use of DSN” on page 143. |
| Mail Queue | Set how long mail can remain in the delayed and dead mail queues. See “Configuring the mail queues and ESMTP” on page 143. |
| Delivery Options | Enable or disable Extended Simple Mail Transfer Protocol (ESMTP). See “Configuring the mail queues and ESMTP” on page 143. |
| Domain Check | Enable to verify the existence of domains that have not been configured as protected domains. See “Configuring an LDAP |
connection” on page 144.
This option is not available in server mode.
- Click Apply when done.
Configuring the local host
Configure the mail server and SMTP connections.
Figure 37:Host settings
| Local Host | |
| Host name | Enter the host name of the FortiMail unit.
The FortiMail unit’s fully qualified domain name (FQDN) is in the format: <host-name>.<local-domain-name> such as fortimail-400.example.com, where fortimail-400 is the Host name and example.com is the Local domain name. Note: The FQDN of the FortiMail unit should be different from that of protected SMTP servers. Note: You should use a different host name for each FortiMail unit. |
| Local domain name | Enter the local domain name to which the FortiMail unit belongs, such as example.com.
Note: The IP address should be globally resolvable into the FQDN of the FortiMail unit if it will relay outgoing email. If it is not globally resolvable, reverse DNS lookups of the FortiMail unit’s domain name by external SMTP servers will fail. For quarantine reports, if the FortiMail unit is operating in server mode or gateway mode, DNS records for the local domain name may need to be globally resolvable to the IP address of the FortiMail unit. If it is not globally resolvable, web and email release/delete for the per-recipient quarantines may fail. |
| SMTP server port number | Enter the port number on which the FortiMail unit’s SMTP server will listen for SMTP connections. The default port number is 25. |
| SMTP over SSL/TLS | Enable to allow SSL- and TLS-secured connections from SMTP clients that request SSL/TLS.
When disabled, SMTP connections with the FortiMail unit’s built-in MTA must occur as clear, unencrypted text. Note: This option must be enabled to receive SMTPS connections. However, it does not require them. |
| SMTPS server port number | Enter the port number on which the FortiMail unit’s built-in MTA listens for secure SMTP connections. The default port number is 465.
This option is unavailable if SMTP over SSL/TLS is disabled. |
| SMTP MSA service | Enable to allow your email clients to use SMTP for message submission on a separate TCP port number from deliveries or mail relay by MTAs. |
| SMTP MSA port number | Enter the TCP port number on which the FortiMail unit listens for email clients to submit email for delivery. The default port number is 587. |
| POP3 server port number | Enter the port number on which the FortiMail unit’s POP3 server will listen for POP3 connections. The default port number is 110.
This option is available only in server mode. |
| Default domain for authentication | If you set one domain as the default domain, users on the default domain only need to enter their user names without the domain part for webmail/SMTP/IMAP/POP3 authentication, such as user1. Users on the non-default domains must enter both the user name part and domain part to authentication, such as user2@example.com. |
Configuring the relay server and policy for oversized messages
Configure the relay server and specify how to handle very large messages.
Click the down-arrow beside each heading to expand the options.
Figure 38:Relay server and oversized messages
| Relay Server | ||
| Relay server name | Enter the domain name of an SMTP relay, if any, to which the FortiMail unit will relay outgoing email. This is typically provided by your Internet service provider (ISP), but could be a mail relay on your internal network.
This option is ignored in transparent mode. |
|
| Relay server port | Enter the TCP port number on which the SMTP relay listens.
This is typically provided by your Internet service provider (ISP). |
|
| Use SMTPs | Enable to initiate SSL- and TLS-secured connections to the SMTP relay if it supports SSL/TLS.
When disabled, SMTP connections from the FortiMail unit’s built-in MTA or proxy to the relay will occur as clear text, unencrypted. This option must be enabled to initiate SMTPS connections. |
|
| Authentication Required | If the relay server requires use of the SMTP AUTH command, enable this option, then click the arrow to expand and configure:
• User name: Enter the name of the FortiMail unit’s account on the SMTP relay. • Password: Enter the password for the FortiMail unit’s user name. • Authentication type: Available SMTP authentication types include: • AUTO (automatically detect and use the most secure SMTP authentication type supported by the relay server) • PLAIN • LOGIN • DIGEST-MD5 • CRAM-MD5 |
|
| Deferred message delivery | To defer sending email messages that are larger than the limit during certain periods, use Start delivering messages and Stop delivering messages to configure the start and stop times.
Schedule delivery during times when email traffic volume is low, such as nights and weekends. |
|
| Start delivering messages at | Select the hour and minute of the day at which to begin delivering oversized email messages. | |
| Stop delivering messages at | Select the hour and minute of the day at which to stop delivering oversized email messages. |
|