Fortinet white logo
Fortinet white logo

Administration Guide

Configuring email archiving accounts

Configuring email archiving accounts

Before you can archive email, you need to set up and enable email archiving accounts, as described below. The archived emails will be stored in the archiving accounts. You can create multiple archive accounts and send different categories of email to different accounts. For the maximum number of archive accounts you can create, see Appendix B: Maximum Values.

When email is archived, you can view and manage the archived email messages. For more information, see Managing archived email. You can also access the email archive remotely through IMAP.

To enable and configure an email archive account
  1. Go to .
  2. GUI item

    Description

    Status

    Select to enable an email archiving account. Clear the check box to disable it.

    Account

    Lists email archive accounts.

    Index Type

    Indicates if archive indexing is in use and how much is indexed. Indexing speeds up content searches. The choices are:

    None: email is not indexed.

    Header: email headers are indexed.

    Full: the entire message is indexed.

    Storage

    Indicates the type of archive storage: Local or Remote.

    (Green dot in column heading)

    Indicates whether the archive is currently referred to by an archive policy. If so, a red dot appears in this column and the entry cannot be deleted.

  3. Click New to create an account or double-click an account to modify it.
  4. A multisection dialog appears.

  5. Configure the following sections, and click Create:

Configuring account settings

The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

  1. Go to .
  2. Click New to create a new account or double click on an existing account to edit it.
  3. For a new account, enter its name.
  4. This account name holds archived email. You also use this account name as the login user name if you want to access archived email remotely through IMAP. Do not include spaces in the name.

  5. In Password, enter the password for IMAP access if you want to access archived email remotely.
  6. In Forward to, if you require it, enter an email address to which the FortiMail unit will forward a copy when it archives an email.
  7. For Index type, specify whether you want to index the archived email. Email indexing helps to search the email messages in the archives more quickly. You can choose to index the email headers or the entire email messages.
  8. Enable Email archiving status. If the account is not enabled, you cannot select it in other places where it is used.
  9. Enable IMAP access if you want to access email archives through IMAP access.

Configuring rotation settings

The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

  1. Go to .
  2. Click New to create a new account or double click on an existing account to edit it.
  3. Under Rotation Setting, enter the Mailbox rotation size and Mailbox rotation time.
  4. When the mailbox reaches either the rotation size or time specified, whichever comes first, the email archiving mailbox is automatically renamed. The FortiMail unit generates a new mailbox file, where it continues saving email archives. You can access all rotated mailboxes through search.

  5. In Archiving options when disk quota is full, specify what the FortiMail unit should do if it runs out of disk space. Select Overwrite to removes the oldest email archive folder in order to make space for the new archive or select Do not archive to stop archiving more email.
  6. Whenever an archiving account reaches its disk quota, FortiMail may send an alert email to the administrator, if you enable this feature under Log and Report > Alert Email. For details, see Configuring alert categories.

Note

You cannot manually delete specific archived email messages. The only way to delete all of the email archives is to format the mail data disk.

Configuring destination settings

The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

  1. Go to .
  2. Click New to create a new account or double click on an existing account to edit it.
  3. Under Destination Setting, select an archiving destination:
  • Local (the FortiMail unit’s local hard drive, or a NAS server if you configure a NAS server as the remote storage target.
  • Remote (a remote FTP or SFTP storage server).
  • If Local is the archiving destination, enter the disk space quota in Local disk quota.
  • If you are archiving to the local disk, the disk quota for all the archiving accounts cannot exceed 80% of the total mail partition. If this quota is met, or 95% of the total disk space is used, FortiMail will automatically remove the oldest email archive folder in order to make space for the new archive.

    If you are archiving to a NAS server, there is no limit for the local disk quota of all the archiving accounts. But the local quota for a single archive account is limited with the valid range from 1GB to 80% of the total mail partition. The default value is 5GB.

    You can also configure how long the archive folders will be kept. Older folders than the specified retention period will be removed. The valid range is 0 to 3650 days. The default value is 0 day, meaning that no archive folders will be removed.

  • If Remote is the archiving destination, configure the following:
  • GUI item

    Description

    Protocol

    Select the protocol that the FortiMail unit will use to connect to the remote storage server, either SFTP or FTP.

    IP address

    Enter the IP address of the remote storage server.

    User name

    Enter the user name of an account the FortiMail unit will use to access the remote storage server, such as Fortimail.

    Password

    Enter the password for the user name of the account on the remote storage server.

    Remote directory

    Enter the directory path on the remote storage server where the FortiMail unit will store archived email, such as /home/fortimail/email-archives.

    Remote cache quota

    Enter the FortiMail cache quota that is allowed to be used for remote host archiving. The above statement regarding the local disk quota also applied to the cache quota.

    Archiving email from Microsoft Exchange journaling

    Microsoft Exchange servers can record/journal email and then send the journaled email to another server, such as FortiMail, for archiving.

    For both FortiMail and the Exchange Server to communicate, you must configure both sides. The document only describes the FortiMail side configurations.

    To archive the journaled email from an Exchange Server
    1. Add a journaling source (that is, the Exchange Server). See the below procedures.
    2. Create an archive account for the journaled email. See Configuring email archiving accounts.
    3. Create an archive policy to specify what email should be archived. See Configuring email archiving policies.
    To add a journaling source
    1. Go to .
    2. Click New and configuring the following:

    GUI item

    Description

    Status

    Enable the journaling source.

    Host

    Enter the IP address or host name of the Exchange server.

    Sender

    Enter the archive email sender address. Note that this is not the sender address in the email messages being archived. It is the email account that sends out the journaling email on the Exchange server.

    Recipient

    Enter the email account that receives journaling email on the FortiMail server. On the Exchange server, you must also specify this receiving account. Note that this is not the recipient address in the email messages being archived.

    Comments

    Optionally enter a comment.

    Email scanning

    Enable to scan the incoming journaled email with the configured recipient-based or IP policies. For details about policies, see Controlling email based on sender and recipient addresses and Controlling email based on IP addresses. Note that without matching policies, enabling this option only will not scan the email.

    Email archiving

    Enable to archive the email from the journal report.

    Email continuity

    Enable or disable email continuity, taking email from journal reports to users' mailboxes.

    When enabled, users can access inbound emails in instances where the email server protected by the FortiMail unit goes offline.

    Note: This command is only available when the FortiMail unit is operating in either gateway or transparent mode.

    See also

    Email archiving workflow

    Configuring email archiving policies

    Configuring email archiving exemptions

    Managing archived email

    Configuring email archiving accounts

    Configuring email archiving accounts

    Before you can archive email, you need to set up and enable email archiving accounts, as described below. The archived emails will be stored in the archiving accounts. You can create multiple archive accounts and send different categories of email to different accounts. For the maximum number of archive accounts you can create, see Appendix B: Maximum Values.

    When email is archived, you can view and manage the archived email messages. For more information, see Managing archived email. You can also access the email archive remotely through IMAP.

    To enable and configure an email archive account
    1. Go to .
    2. GUI item

      Description

      Status

      Select to enable an email archiving account. Clear the check box to disable it.

      Account

      Lists email archive accounts.

      Index Type

      Indicates if archive indexing is in use and how much is indexed. Indexing speeds up content searches. The choices are:

      None: email is not indexed.

      Header: email headers are indexed.

      Full: the entire message is indexed.

      Storage

      Indicates the type of archive storage: Local or Remote.

      (Green dot in column heading)

      Indicates whether the archive is currently referred to by an archive policy. If so, a red dot appears in this column and the entry cannot be deleted.

    3. Click New to create an account or double-click an account to modify it.
    4. A multisection dialog appears.

    5. Configure the following sections, and click Create:

    Configuring account settings

    The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

    1. Go to .
    2. Click New to create a new account or double click on an existing account to edit it.
    3. For a new account, enter its name.
    4. This account name holds archived email. You also use this account name as the login user name if you want to access archived email remotely through IMAP. Do not include spaces in the name.

    5. In Password, enter the password for IMAP access if you want to access archived email remotely.
    6. In Forward to, if you require it, enter an email address to which the FortiMail unit will forward a copy when it archives an email.
    7. For Index type, specify whether you want to index the archived email. Email indexing helps to search the email messages in the archives more quickly. You can choose to index the email headers or the entire email messages.
    8. Enable Email archiving status. If the account is not enabled, you cannot select it in other places where it is used.
    9. Enable IMAP access if you want to access email archives through IMAP access.

    Configuring rotation settings

    The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

    1. Go to .
    2. Click New to create a new account or double click on an existing account to edit it.
    3. Under Rotation Setting, enter the Mailbox rotation size and Mailbox rotation time.
    4. When the mailbox reaches either the rotation size or time specified, whichever comes first, the email archiving mailbox is automatically renamed. The FortiMail unit generates a new mailbox file, where it continues saving email archives. You can access all rotated mailboxes through search.

    5. In Archiving options when disk quota is full, specify what the FortiMail unit should do if it runs out of disk space. Select Overwrite to removes the oldest email archive folder in order to make space for the new archive or select Do not archive to stop archiving more email.
    6. Whenever an archiving account reaches its disk quota, FortiMail may send an alert email to the administrator, if you enable this feature under Log and Report > Alert Email. For details, see Configuring alert categories.

    Note

    You cannot manually delete specific archived email messages. The only way to delete all of the email archives is to format the mail data disk.

    Configuring destination settings

    The following procedure is part of the email archive account configuration process. For general procedures about how to configure an archive account, see Configuring email archiving accounts. For information about how to use the email archiving feature, see Email archiving workflow.

    1. Go to .
    2. Click New to create a new account or double click on an existing account to edit it.
    3. Under Destination Setting, select an archiving destination:
    • Local (the FortiMail unit’s local hard drive, or a NAS server if you configure a NAS server as the remote storage target.
    • Remote (a remote FTP or SFTP storage server).
  • If Local is the archiving destination, enter the disk space quota in Local disk quota.
  • If you are archiving to the local disk, the disk quota for all the archiving accounts cannot exceed 80% of the total mail partition. If this quota is met, or 95% of the total disk space is used, FortiMail will automatically remove the oldest email archive folder in order to make space for the new archive.

    If you are archiving to a NAS server, there is no limit for the local disk quota of all the archiving accounts. But the local quota for a single archive account is limited with the valid range from 1GB to 80% of the total mail partition. The default value is 5GB.

    You can also configure how long the archive folders will be kept. Older folders than the specified retention period will be removed. The valid range is 0 to 3650 days. The default value is 0 day, meaning that no archive folders will be removed.

  • If Remote is the archiving destination, configure the following:
  • GUI item

    Description

    Protocol

    Select the protocol that the FortiMail unit will use to connect to the remote storage server, either SFTP or FTP.

    IP address

    Enter the IP address of the remote storage server.

    User name

    Enter the user name of an account the FortiMail unit will use to access the remote storage server, such as Fortimail.

    Password

    Enter the password for the user name of the account on the remote storage server.

    Remote directory

    Enter the directory path on the remote storage server where the FortiMail unit will store archived email, such as /home/fortimail/email-archives.

    Remote cache quota

    Enter the FortiMail cache quota that is allowed to be used for remote host archiving. The above statement regarding the local disk quota also applied to the cache quota.

    Archiving email from Microsoft Exchange journaling

    Microsoft Exchange servers can record/journal email and then send the journaled email to another server, such as FortiMail, for archiving.

    For both FortiMail and the Exchange Server to communicate, you must configure both sides. The document only describes the FortiMail side configurations.

    To archive the journaled email from an Exchange Server
    1. Add a journaling source (that is, the Exchange Server). See the below procedures.
    2. Create an archive account for the journaled email. See Configuring email archiving accounts.
    3. Create an archive policy to specify what email should be archived. See Configuring email archiving policies.
    To add a journaling source
    1. Go to .
    2. Click New and configuring the following:

    GUI item

    Description

    Status

    Enable the journaling source.

    Host

    Enter the IP address or host name of the Exchange server.

    Sender

    Enter the archive email sender address. Note that this is not the sender address in the email messages being archived. It is the email account that sends out the journaling email on the Exchange server.

    Recipient

    Enter the email account that receives journaling email on the FortiMail server. On the Exchange server, you must also specify this receiving account. Note that this is not the recipient address in the email messages being archived.

    Comments

    Optionally enter a comment.

    Email scanning

    Enable to scan the incoming journaled email with the configured recipient-based or IP policies. For details about policies, see Controlling email based on sender and recipient addresses and Controlling email based on IP addresses. Note that without matching policies, enabling this option only will not scan the email.

    Email archiving

    Enable to archive the email from the journal report.

    Email continuity

    Enable or disable email continuity, taking email from journal reports to users' mailboxes.

    When enabled, users can access inbound emails in instances where the email server protected by the FortiMail unit goes offline.

    Note: This command is only available when the FortiMail unit is operating in either gateway or transparent mode.

    See also

    Email archiving workflow

    Configuring email archiving policies

    Configuring email archiving exemptions

    Managing archived email