DOCUMENT LIBRARY

Administration Guide

Email concepts and process workflow
- Email protocols
- Client-server connections in SMTP
- DNS role in email delivery
- How FortiMail processes email
- FortiMail operation modes
- FortiMail high availability modes
- FortiMail management methods
Setting up FortiMail system
- Connecting to the web UI or CLI
- Choosing the operation mode
- Running the Quick Start Wizard
- Connecting to FortiGuard services
- Gateway mode deployment
- Transparent mode deployment
- Server mode deployment
- Testing the installation
- Backing up the configuration
Using the dashboard
- Viewing the dashboard
- Using the CLI Console
Using FortiView
- Viewing mail statistics
- View threat statistics
- Viewing top user statistics
- Viewing current IP sessions
Monitoring the system
- Viewing log messages
- Managing the quarantines
- Managing the mail queue
- Viewing the greylist statuses
- Viewing sender, authentication and endpoint reputation
- Managing archived email
- Viewing generated reports
Centrally monitoring the HA cluster
- Viewing the cluster status
- Viewing HA cluster mail statistics
- Viewing HA cluster threat statistics
- Searching the HA cluster logs
Configuring system settings
- Configuring network settings
- Configuring administrator accounts and access profiles
- Configuring system time, options, and other system options
- Configuring mail settings
- Customizing GUI, replacement messages, email templates, SSO, and Security Fabric
- Configuring RAID
- Using high availability (HA)
- Managing certificates
- Using FortiSandbox antivirus inspection
- Configuring FortiGuard services
- System maintenance
Configuring domains and users
- Configuring protected domains
- Managing users
- Configuring user aliases
- Configuring address mappings
- Configuring IBE users
- Managing the address book (server mode only)
- Sharing calendars and address books (server mode only)
- Migrating email from other mail servers (server mode only)
Configuring policies
- What is a policy?
- How to use policies
- Controlling SMTP access and delivery
- Controlling email based on IP addresses
- Controlling email based on sender and recipient addresses
Configuring profiles
- Configuring session profiles
- Configuring antispam profiles and antispam action profiles
- Configuring antivirus profiles and antivirus action profiles
- Configuring content profiles and content action profiles
- Configuring resource profiles
- Workflow to enable and configure authentication of email users
- Configuring authentication profiles
- Configuring LDAP profiles
- Configuring dictionary profiles
- Configuring security profiles
- Configuring IP pools
- Configuring email, IP and GeoIP groups
- Configuring notification profiles
Configuring security settings
- Configuring the FortiGuard URL filter
- Configuring authentication reputation
- Configuring email quarantines and quarantine reports
- Configuring the block lists and safe lists
- Configuring greylisting
- Configuring bounce verification and tagging
- Configuring endpoint reputation
- Training and maintaining the Bayesian databases
- Adding file signatures
- Configuring action profile preferences
- Configuring adult image analysis
Configuring encryption settings
- Configuring IBE encryption
- Configuring certificate bindings
Configuring data loss prevention
- DLP configuration workflow
- Defining the sensitive data
- Configuring DLP rules
- Configuring DLP profiles
Archiving email
- Email archiving workflow
- Configuring email archiving accounts
- Configuring email archiving policies
- Configuring email archiving exemptions
Logs, reports and alerts
- About FortiMail logging
- Configuring logging
- Configuring report profiles and generating mail statistic reports
- Configuring alert email
Microsoft 365 threat remediation
- Microsoft 365 protection workflow
- Configuring Microsoft 365 accounts
- Configuring profiles
- Configuring scanning policies
- Monitoring log messages
Installing firmware
- Testing firmware before installing it
- Installing firmware
- Clean installing firmware
- Upgrading firmware on HA units
Best practices and fine tuning
- General security tuning
- System security tuning
- Network topology tuning
- High availability (HA) tuning
- SMTP connectivity tuning
- Antispam tuning
- Policy tuning
- System maintenance tips
- Performance tuning
Troubleshooting
- Establish a system baseline
- Define the problem
- Search for a known solution
- Create a troubleshooting plan
- Gather system information
- Troubleshoot hardware issues
- Troubleshoot GUI and CLI connection issues
- Troubleshoot FortiGuard connection issues
- Troubleshoot MTA issues
- Troubleshoot antispam issues
- Troubleshoot HA issues
- Troubleshoot resource issues
- Troubleshoot bootup issues
- Troubleshoot installation issues
- Contact Fortinet customer support for assistance
Setup for email users
- Training Bayesian databases
- Managing tagged spam
- Accessing the personal quarantine and webmail
- Sending email from an email client (gateway and transparent mode)
Appendix A: Supported RFCs
Appendix B: Maximum Values
Appendix C: Port Numbers
Appendix D: Wildcards and regular expressions
- Special characters with regular expressions and wildcards
- Case sensitivity
- Modifiers
- Word boundary
- Syntax
- Examples
Appendix E: Working with TLS/SSL
- About TLS/SSL
- How TLS/SSL works
- FortiMail support of TLS/SSL
- Troubleshooting FortiMail TLS issues
Appendix F: PKI Authentication
- Introduction to PKI authentication
- FortiMail PKI architecture
- Configuring PKI authentication on FortiMail
Change Log

Home FortiMail 6.4.4 Administration Guide

6.4.4

Configuring email, IP and GeoIP groups

The Profile > Group tab displays the list of email and IP group profiles.

To access this part of the web UI, your administrator account’s:

Domain must be System
access profile must have Read or Read-Write permission to the Policy category.

For details, see About administrator account permissions and domains.

Configuring email groups

Email groups include groups of email addresses that can be used when configuring access control rules and recipient-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on sender and recipient addresses.

To configure email groups

Go to Profile > Group > Email Group.
Either click New to add a profile or double-click a profile to modify it. The profile name is editable.

A dialog appears.

For a new group, enter a name for this email group.

The name must contain only alphanumeric characters. Spaces are not allowed.

In New member, enter the email address of a group member and click -> to move the address to the Current members field.

You can also use wildcards to enter partial patterns that can match multiple email addresses. The asterisk represents one or more characters and the question mark (?) represents any single character.

For example, the pattern ??@*.com will match any email user with a two letter email user name from any “.com” domain name.

To remove a member’s email address, select the address in the Current members field and click <-.

Click Create or OK.

Configuring IP groups

IP groups include groups of IP addresses that can be used when configuring access control rules and IP-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

To configure an IP group

Go to Profile > Group > IP Group.
Either click New to add a profile or double-click profile to modify it.

A dialog appears.

For a new group, enter a name in Group name.

The name must contain only alphanumeric characters. Spaces are not allowed.

Under IP Groups, click New.

A field appears under IP/Netmask or IP Range.

Enter the IP address and netmask of the group, or the IP range. Use the netmask, the portion after the slash (/), to specify the matching subnet.

For example, enter 10.10.10.10/24 to match a 24-bit subnet, or all addresses starting with 10.10.10. This will appear as 10.10.10.0/24 in the access control rule table, with the 0 indicating that any value is matched in that position of the address.

Similarly, 10.10.10.10/32 will appear as 10.10.10.10/32 and match only the 10.10.10.10 address.

To match any address, enter 0.0.0.0/0.

Click Create.

Configuring GeoIP groups

Starting from 6.2 release, FortiMail utilizes the GeoIP database to map the geolocations of client IP addresses. You can use GeoIP groups in access control rules and IP-based policies to geo-targeting spam and virus devices. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

You can also override geolocation mappings that may not be correct in the GeoIP database. For details, see Configuring GeoIP Override.

To configure a GeoIP group

Go to Profile > Group > GeoIP Group.
Either click New to add a profile or double-click profile to modify it.

A dialog appears.

For a new group, enter a name in Group name.

The name must contain only alphanumeric characters. Spaces are not allowed.

Optionally enter a comment.
If you want to create a group to include all countries and regions, enable this option and click Create. Otherwise, disable this option and move the available countries, regions, or override groups to the member list, and click Create. You can have a maximum of 30 countries/regions in one group.