Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Portal Guide

    Home FortiMail Cloud Portal Guide

    Post provision configuration

    Post provision configuration

    When you have configured the protected domains on a FortiMail Cloud tenant, then it is ready to be connected to email servers and clients.

    Note

    Antispam and other features can be configured either before connection setup, or later. Gradually configuring each feature after connection setup can simplify testing and troubleshooting.

    Connection setup requires these steps in order:

    1. (Gateway mode only) On FortiMail Cloud, in the tenant, configure an access control rule to allow outgoing email from your email servers to the Internet. For details, see the FortiMail Cloud Administration Guide.

    2. On your email servers, configure access control rules to allow incoming SMTP/SMTPS email connections from FortiMail Cloud. Also configure your email servers to use your FortiMail Cloud as the mail relay for outgoing email.

      On Google Workspace or Microsoft 365, if you use the API connection, then you must also grant API access permissions and configure the tenant ID and secret key that your FortiMail Cloud will use. For details, see the Microsoft 365 Scan Mode Deployment Guide or the Google Workspace Scan Mode Deployment Guide.

    3. On the DNS servers for your domains, configure the MX records with the domain name of your FortiMail Cloud tenant so that incoming email is delivered through it. Remove other entries so that FortiMail Cloud cannot be bypassed.

      Optionally, for improved security, also add DKIM and SPF records. For details, see the FortiMail Cloud Administration Guide.

      For a reminder of required steps, select the row for the tenant, and then select Action > Show Post Provision Configuration.

    Previous
    Next

    Post provision configuration

    Post provision configuration

    When you have configured the protected domains on a FortiMail Cloud tenant, then it is ready to be connected to email servers and clients.

    Note

    Antispam and other features can be configured either before connection setup, or later. Gradually configuring each feature after connection setup can simplify testing and troubleshooting.

    Connection setup requires these steps in order:

    1. (Gateway mode only) On FortiMail Cloud, in the tenant, configure an access control rule to allow outgoing email from your email servers to the Internet. For details, see the FortiMail Cloud Administration Guide.

    2. On your email servers, configure access control rules to allow incoming SMTP/SMTPS email connections from FortiMail Cloud. Also configure your email servers to use your FortiMail Cloud as the mail relay for outgoing email.

      On Google Workspace or Microsoft 365, if you use the API connection, then you must also grant API access permissions and configure the tenant ID and secret key that your FortiMail Cloud will use. For details, see the Microsoft 365 Scan Mode Deployment Guide or the Google Workspace Scan Mode Deployment Guide.

    3. On the DNS servers for your domains, configure the MX records with the domain name of your FortiMail Cloud tenant so that incoming email is delivered through it. Remove other entries so that FortiMail Cloud cannot be bypassed.

      Optionally, for improved security, also add DKIM and SPF records. For details, see the FortiMail Cloud Administration Guide.

      For a reminder of required steps, select the row for the tenant, and then select Action > Show Post Provision Configuration.

    Previous
    Next