Fortinet black logo

Administration Guide

Performance tuning

Performance tuning

  • Configure Recipient Address Verification (located in Domain & User > Domain > Domain) with an SMTP or LDAP server. This is especially important when quarantining is enabled because of the potentially large amount of quarantined mail for invalid recipients.
Note

Microsoft Exchange server's user verification feature is disabled by default.

    Alternatively, enable Automatic Removal of Invalid Quarantine Accounts (located in Domain & User > Domain > Domain) to delete invalid user quarantine directories daily at a configured time.

    If quarantining is enabled and neither of these features are enabled, performance will suffer and could potentially cause the FortiMail unit to refuse SMTP connections if subject to extremely heavy mail traffic.

  • Enable greylisting (located in Profile > AntiSpam > AntiSpam) to reject many spam delivery attempts before more resource-intensive antispam scans are used to identify spam.
  • Apply spam throttling features by creating an IP-based policy (located in Policy > IP Policy > IP Policy) with a session profile (located in Profile > Session > Session). Sender reputation, session limiting, and error handling are particularly useful.
  • To reduce latency associated with DNS queries, use a DNS server on your local network.
  • If logs are stored on the FortiMail unit, set logging rotation size (located in Log & Report > Log Setting > Local) to between 10 MB and 20 MB, and set the event logging level to warning or greater. Delete or back up old logs regularly to free storage space.
  • Regularly delete or backup old reports to reduce the number of reports on the local disk.
  • Regularly delete old and unwanted mail queue entries and quarantined mail.
  • Schedule resource-intensive and non-time-critical tasks, such as report generation and delivery of deferred oversize messages, to low-traffic periods.
  • Disable resource-intensive scans, such as the heuristic scan (located in Profile > AntiSpam > AntiSpam), when spam capture rate is otherwise satisfactory.
  • Consider enabling the Max message size to scan and Bypass scan on SMTP authentication in the Scan Conditions section of antispam profiles (located in Profile > AntiSpam > AntiSpam).
Caution

Back up logs and mail before formatting the hard disks. Formatting log disks deletes all log entries. Formatting mail disks with the execute formatmaildisk CLI command will result in the loss of all locally stored mail; execute formatmaildisk_backup will preserve it. These operations require a reboot when complete. For more information, see the FortiMail CLI Reference.

Performance tuning

  • Configure Recipient Address Verification (located in Domain & User > Domain > Domain) with an SMTP or LDAP server. This is especially important when quarantining is enabled because of the potentially large amount of quarantined mail for invalid recipients.
Note

Microsoft Exchange server's user verification feature is disabled by default.

    Alternatively, enable Automatic Removal of Invalid Quarantine Accounts (located in Domain & User > Domain > Domain) to delete invalid user quarantine directories daily at a configured time.

    If quarantining is enabled and neither of these features are enabled, performance will suffer and could potentially cause the FortiMail unit to refuse SMTP connections if subject to extremely heavy mail traffic.

  • Enable greylisting (located in Profile > AntiSpam > AntiSpam) to reject many spam delivery attempts before more resource-intensive antispam scans are used to identify spam.
  • Apply spam throttling features by creating an IP-based policy (located in Policy > IP Policy > IP Policy) with a session profile (located in Profile > Session > Session). Sender reputation, session limiting, and error handling are particularly useful.
  • To reduce latency associated with DNS queries, use a DNS server on your local network.
  • If logs are stored on the FortiMail unit, set logging rotation size (located in Log & Report > Log Setting > Local) to between 10 MB and 20 MB, and set the event logging level to warning or greater. Delete or back up old logs regularly to free storage space.
  • Regularly delete or backup old reports to reduce the number of reports on the local disk.
  • Regularly delete old and unwanted mail queue entries and quarantined mail.
  • Schedule resource-intensive and non-time-critical tasks, such as report generation and delivery of deferred oversize messages, to low-traffic periods.
  • Disable resource-intensive scans, such as the heuristic scan (located in Profile > AntiSpam > AntiSpam), when spam capture rate is otherwise satisfactory.
  • Consider enabling the Max message size to scan and Bypass scan on SMTP authentication in the Scan Conditions section of antispam profiles (located in Profile > AntiSpam > AntiSpam).
Caution

Back up logs and mail before formatting the hard disks. Formatting log disks deletes all log entries. Formatting mail disks with the execute formatmaildisk CLI command will result in the loss of all locally stored mail; execute formatmaildisk_backup will preserve it. These operations require a reboot when complete. For more information, see the FortiMail CLI Reference.