Configuring the use of DSN
If desired, enable delivery service notifications and set the display options.
Click the down-arrow beside the heading to expand the options.
DSN | |
DSN (NDR) email generation | Enable to allow the FortiMail unit to send delivery status notification (DSN) email messages sent by the FortiMail unit to notify email users of delivery delays and/or failure. |
Sender displayname | The name of the sender, such as FortiMail administrator, as it should appear in DSN.
If this field is empty, the FortiMail unit sends DSN from the default name of postmaster. |
Sender address | The sender email address in DSN.
If this field is empty, the FortiMail unit sends DSN from the default sender email address of postmaster@<domain_str>, where <domain_str> is the domain name of the FortiMail unit, such as example.com. |
Configuring the mail queues and ESMTP
The mail queue options affect what you will see on FortiMail’s two mail queues. See “Viewing and managing mail queues” on page 123.
Click the down-arrow beside a heading to expand the options.
Mail Queue
Maximum time for Select the maximum number of hours that deferred/delayed email email in queue messages can remain in the delayed mail queue.
After the maximum time passes, the FortiMail unit will send a final delivery status notification (DSN) email message to notify the sender that the email message was undeliverable.
Maximum time for DSN email in queue | Select the maximum number of days a delivery status notification (DSN) message can remain in the mail queues. If the maximum time is set to zero (0) days, the FortiMail unit attempts to deliver the DSN only once.
After the maximum time has been reached, the DSN email is moved to the dead mail folder. |
Time before delay warning | Select the number of hours after an initial failure to deliver an email message before the FortiMail unit sends the first delivery status notification (DSN) email message to notify the sender that the email message has been deferred.
After sending this initial DSN, the FortiMail unit will continue to retry sending the email until reaching the limit configured in Maximum time for email in queue. |
Time interval for retry | Select the number of minutes between delivery retries for email messages in the deferred and spam mail queues. |
The number of Enter the number of days that undeliverable email and its days a dead mail is associated DSN will be kept in the dead mail folder. After this to be kept amount of time, the dead email and its DSN is automatically deleted.
Delivery Options
Disable ESMTP for Mark the check box to disable Extended Simple Mail Transfer outgoing email Protocol (ESMTP) for outgoing email.
By default, FortiMail units can use ESMTP commands. ESMTP supports email messages with graphics, sound, video, and text in various languages.
Configuring an LDAP connection
You can set up an LDAP connection for email address mappings and access to unprotected domains. This is not available in server mode.
Click the down-arrow beside the heading to expand the options.
Domain Check These options apply to gateway and transparent mode only
Perform LDAP domain verification for unknown domains | Enable to verify the existence of domains that have not been configured as protected domains. Also configure LDAP profile for domain check.
To verify the existence of unknown domains, the FortiMail unit queries an LDAP server for a user object that contains the email address. If the user object exists, the verification is successful, and: • If Automatically create domain association for verified domain is enabled, the FortiMail unit automatically adds the unknown domain as a domain associated of the protected domain selected in Internal domain to hold association. • If Automatically create domain association for verified domain is disabled, and the DNS lookup of the unknown domain name is successful, the FortiMail unit routes the email to the IP address resolved for the domain name during the DNS lookup. Because the domain is not formally defined as a protected domain, the email is considered to be outgoing, and outgoing recipient-based policies are used to scan the email. |
LDAP profile for domain check | Select the LDAP profile to use when verifying existence of unknown domains. The LADP query is configured under User Query Options in an LDAP profile.
This option is available only if Perform LDAP domain verification for unknown domains is enabled. |
Automatically create domain association for verified domain | Enable to automatically add unknown domains as domain associations if they are successfully verified by the LDAP query.
This option is available only if Perform LDAP domain verification for unknown domains is enabled. |
Internal domain to Select the name of a protected domain with which to associate hold domain unknown domains, if they pass domain verification. association
This option is available only if Automatically create domain association for verified domain is enabled.