Fortinet Document Library

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

Retrieving public DNS record information

Below are the public DNS records for Fortinet. These, among others, can be accessed from mxtoolbox.com. Use the appropriate records you need in order to receive emails only from those you trust as authorized senders.

SPF record:

The following SPF record contains the client IP addresses who are authorized senders of permitted domains. The included domains listed are continuously checked until an authorized IP address match occurs, as highlighted by the red-text. The -all signifies that any other email that comes from outside those authorized senders listed comes from an unauthorized sender.

dig -t txt fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t txt fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54525

;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;fortinet.com. IN TXT

;; ANSWER SECTION:

fortinet.com. 21599 IN TXT "v=spf1 ip4:208.91.113.0/24 ip4:208.91.114.0/24 ip4:96.45.36.0/24 ip4:54.219.139.180/32 ip4:54.219.139.149/32 ip4:149.5.228.70 ip4:209.87.240.224/28 ip4:209.87.240.240/28 ip4:209.87.245.0/24 mx include:" "_spf.salesforce.com include:fortinet.co.jp include:obmail.socious.net include:freshdesk.fortinet.com -all"

fortinet.com. 21599 IN TXT "6c5446a498ce4d53b989cfd26942be56"

fortinet.com. 21599 IN TXT "GU471ZEfO/K1S60mBByKjl+gpL0jPAE+zYYlpa0mlLLm6b01NReZ+BXBoX2f1dQ8xUkcMcEYz6ficlvvOZwTug=="

fortinet.com. 21599 IN TXT "MS=3EDB3515616567F5F3B65CD58B2C045CD4F1D82F"

fortinet.com. 21599 IN TXT "pardot872291=187e99aeea474c37f2966e1aac54b813b2d9331ae23e3d2a17fe61672746f72a"

fortinet.com. 21599 IN TXT "facebook-domain-verification=aakjubmhk3oxdlv2efp7faayfcz8bf"

fortinet.com. 21599 IN TXT "MS=MS65931290"

;; Query time: 153 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:39:09 EDT 2020

;; MSG SIZE rcvd: 751

DKIM record:

The following DKIM record contains the published public key, as highlighted by the red-text. This was generated in FortiMail earlier, and is used to sign and decrypt emails.

$ dig -t TXT dkim._domainkey.fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t TXT dkim._domainkey.fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52891

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;dkim._domainkey.fortinet.com. IN TXT

;; ANSWER SECTION:

dkim._domainkey.fortinet.com. 21599 IN TXT "t=y\; k=rsa\; p=" "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXjjL+pvOzLslaNCffq950RBJ2SQQ4p8ZLVTwJMdcK3aJouyYTN6UkhCkZELfXHZL3O6nUDz+mx14f/747lgSwBIbFzcnla6DAYYNNEYr2nvHepObVjrqLMTIB59yqkOzrOxt9biCXhV77TbZOoR4NrCxknC" "OiXBthFSMcDyqc2mx/SPvi0SiYPeADA7nPVZqy0RTTuOxdbAxYSvewi/Q/R476KBqnPeX1YMOr5OqS6jSISjSgF2jcQBqVf7bIHqNZ7PxGa6aqPnzSQnP6kU2n81QurrAXR6CoXfFn7SvvZzgN7hKKQoeIFx61IgmOhdReixmRrTwq7Cl9vxMVpv3wIDAQAB"

;; Query time: 110 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:47:13 EDT 2020

;; MSG SIZE rcvd: 478

DMARC record:

The following DMARC record contains the default action to take if both SPF and DKIM fail (in this case, p=quarantine), as highlighted by the red-text. The RUA and RUF records are used to send XML files to record SPF and DKIM feedback.

dig -t txt _dmarc.fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t txt _dmarc.fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 144

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;_dmarc.fortinet.com. IN TXT

;; ANSWER SECTION:

_dmarc.fortinet.com. 599 IN TXT "v=DMARC1\; p=quarantine\; rua=mailto:dmarc-rua@fortinet.com\; ruf=mailto:dmarc-ruf@fortinet.com\; sp=none\; fo=1"

;; Query time: 100 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:40:31 EDT 2020

;; MSG SIZE rcvd: 168

Retrieving public DNS record information

Below are the public DNS records for Fortinet. These, among others, can be accessed from mxtoolbox.com. Use the appropriate records you need in order to receive emails only from those you trust as authorized senders.

SPF record:

The following SPF record contains the client IP addresses who are authorized senders of permitted domains. The included domains listed are continuously checked until an authorized IP address match occurs, as highlighted by the red-text. The -all signifies that any other email that comes from outside those authorized senders listed comes from an unauthorized sender.

dig -t txt fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t txt fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54525

;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;fortinet.com. IN TXT

;; ANSWER SECTION:

fortinet.com. 21599 IN TXT "v=spf1 ip4:208.91.113.0/24 ip4:208.91.114.0/24 ip4:96.45.36.0/24 ip4:54.219.139.180/32 ip4:54.219.139.149/32 ip4:149.5.228.70 ip4:209.87.240.224/28 ip4:209.87.240.240/28 ip4:209.87.245.0/24 mx include:" "_spf.salesforce.com include:fortinet.co.jp include:obmail.socious.net include:freshdesk.fortinet.com -all"

fortinet.com. 21599 IN TXT "6c5446a498ce4d53b989cfd26942be56"

fortinet.com. 21599 IN TXT "GU471ZEfO/K1S60mBByKjl+gpL0jPAE+zYYlpa0mlLLm6b01NReZ+BXBoX2f1dQ8xUkcMcEYz6ficlvvOZwTug=="

fortinet.com. 21599 IN TXT "MS=3EDB3515616567F5F3B65CD58B2C045CD4F1D82F"

fortinet.com. 21599 IN TXT "pardot872291=187e99aeea474c37f2966e1aac54b813b2d9331ae23e3d2a17fe61672746f72a"

fortinet.com. 21599 IN TXT "facebook-domain-verification=aakjubmhk3oxdlv2efp7faayfcz8bf"

fortinet.com. 21599 IN TXT "MS=MS65931290"

;; Query time: 153 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:39:09 EDT 2020

;; MSG SIZE rcvd: 751

DKIM record:

The following DKIM record contains the published public key, as highlighted by the red-text. This was generated in FortiMail earlier, and is used to sign and decrypt emails.

$ dig -t TXT dkim._domainkey.fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t TXT dkim._domainkey.fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52891

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;dkim._domainkey.fortinet.com. IN TXT

;; ANSWER SECTION:

dkim._domainkey.fortinet.com. 21599 IN TXT "t=y\; k=rsa\; p=" "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXjjL+pvOzLslaNCffq950RBJ2SQQ4p8ZLVTwJMdcK3aJouyYTN6UkhCkZELfXHZL3O6nUDz+mx14f/747lgSwBIbFzcnla6DAYYNNEYr2nvHepObVjrqLMTIB59yqkOzrOxt9biCXhV77TbZOoR4NrCxknC" "OiXBthFSMcDyqc2mx/SPvi0SiYPeADA7nPVZqy0RTTuOxdbAxYSvewi/Q/R476KBqnPeX1YMOr5OqS6jSISjSgF2jcQBqVf7bIHqNZ7PxGa6aqPnzSQnP6kU2n81QurrAXR6CoXfFn7SvvZzgN7hKKQoeIFx61IgmOhdReixmRrTwq7Cl9vxMVpv3wIDAQAB"

;; Query time: 110 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:47:13 EDT 2020

;; MSG SIZE rcvd: 478

DMARC record:

The following DMARC record contains the default action to take if both SPF and DKIM fail (in this case, p=quarantine), as highlighted by the red-text. The RUA and RUF records are used to send XML files to record SPF and DKIM feedback.

dig -t txt _dmarc.fortinet.com @8.8.8.8

; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> -t txt _dmarc.fortinet.com @8.8.8.8

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 144

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;_dmarc.fortinet.com. IN TXT

;; ANSWER SECTION:

_dmarc.fortinet.com. 599 IN TXT "v=DMARC1\; p=quarantine\; rua=mailto:dmarc-rua@fortinet.com\; ruf=mailto:dmarc-ruf@fortinet.com\; sp=none\; fo=1"

;; Query time: 100 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Wed Oct 07 09:40:31 EDT 2020

;; MSG SIZE rcvd: 168