Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiMail 7.2.5 Administration Guide
    7.2.5
    7.6.1
    7.6.0
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.7
    6.2.0
    6.0.6
    6.0.4
    6.0.3
    6.0.1
    6.0.0

    Configuring email, IP and GeoIP groups

    Configuring email, IP and GeoIP groups

    The Profile > Group tab displays the list of email and IP group and override profiles.

    This sections includes:

    Configuring email groups

    Email groups include groups of email addresses that can be used when configuring access control rules and recipient-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on sender and recipient addresses.

    To configure email groups
    1. Go to .
    2. Either click New to add a profile or double-click a profile to modify it. The profile name is editable.

      3. A dialog appears.

    3. For a new group, enter a name for this email group.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. In New member, enter the email address of a group member and click -> to move the address to the Current members field.

      5. You can also use wildcards to enter partial patterns that can match multiple email addresses. The asterisk represents one or more characters and the question mark (?) represents any single character.

      For example, the pattern ??@*.com will match any email user with a two letter email user name from any “.com” domain name.

      Note

      To remove a member’s email address, select the address in the Current members field and click <-.
    5. Click Create or OK.

    Configuring IP groups

    IP groups include groups of IP addresses that can be used when configuring access control rules and IP-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

    To configure an IP group
    1. Go to Profile > Group > IP Group.
    2. Either click New to add a profile or double-click a profile to modify it.

      3. A dialog appears.

    3. For a new group, enter a name in Group name.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. Under IP Groups, click New.

      5. A field appears under IP/Netmask or IP Range.

    5. Enter the IP address and netmask of the group, or the IP range. Use the netmask, the portion after the slash (/), to specify the matching subnet.

      6. For example, enter 10.10.10.10/24 to match a 24-bit subnet, or all addresses starting with 10.10.10. This will appear as 10.10.10.0/24 in the access control rule table, with the 0 indicating that any value is matched in that position of the address.

      Similarly, 10.10.10.10/32 will appear as 10.10.10.10/32 and match only the 10.10.10.10 address.

      To match any address, enter 0.0.0.0/0.

    6. Click Create.

    Configuring GeoIP groups

    Starting from 6.2 release, FortiMail utilizes the GeoIP database to map the geolocations of client IP addresses. You can use GeoIP groups in access control rules and IP-based policies to geo-targeting spam and virus devices. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

    You can also override geolocation mappings that may not be correct in the GeoIP database. For details, see Configuring GeoIP override.

    To configure a GeoIP group
    1. Go to Profile > Group > GeoIP Group.
    2. Either click New to add a profile or double-click a profile to modify it.

      3. A dialog appears.

    3. For a new group, enter a name in Group name.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. Optionally enter a comment.
    5. If you want to create a group to include all countries and regions, enable this option and click Create. Otherwise, disable this option and move the available countries, regions, or override groups to the member list, and click Create. You can have a maximum of 30 countries/regions in one group.

    Configuring GeoIP override

    GeoIP service looks up the IP address geolocations in the GeoIP database. However, in some cases, the lookup might not be accurate, for example, when clients use proxies.

    With FortiMail, you can override the GeoIP lookup by manually specifying the geolocations of some IP addresses/IP ranges. When you create GeoIP groups (see Configuring GeoIP groups), you can use the override geolocations in the groups.

    Note

    When entering IP addresses for GeoIP overrides, only IPv4 addresses are supported.

    To configure GeoIP override
    1. Go to System > FortiGuard > GeoIP Override.
    2. Click New.
    3. Specify a geolocation name for the client IP addresses.
    4. Optionally enter a description.
    5. Click New to specify the IPv4 addresses that you want to include in the geolocation.
    6. Click Create.

    You can test GeoIP lookup by clicking IP Geography Query.

    Previous
    Next

    Configuring email, IP and GeoIP groups

    Configuring email, IP and GeoIP groups

    The Profile > Group tab displays the list of email and IP group and override profiles.

    This sections includes:

    Configuring email groups

    Email groups include groups of email addresses that can be used when configuring access control rules and recipient-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on sender and recipient addresses.

    To configure email groups
    1. Go to .
    2. Either click New to add a profile or double-click a profile to modify it. The profile name is editable.

      3. A dialog appears.

    3. For a new group, enter a name for this email group.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. In New member, enter the email address of a group member and click -> to move the address to the Current members field.

      5. You can also use wildcards to enter partial patterns that can match multiple email addresses. The asterisk represents one or more characters and the question mark (?) represents any single character.

      For example, the pattern ??@*.com will match any email user with a two letter email user name from any “.com” domain name.

      Note

      To remove a member’s email address, select the address in the Current members field and click <-.
    5. Click Create or OK.

    Configuring IP groups

    IP groups include groups of IP addresses that can be used when configuring access control rules and IP-based policies. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

    To configure an IP group
    1. Go to Profile > Group > IP Group.
    2. Either click New to add a profile or double-click a profile to modify it.

      3. A dialog appears.

    3. For a new group, enter a name in Group name.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. Under IP Groups, click New.

      5. A field appears under IP/Netmask or IP Range.

    5. Enter the IP address and netmask of the group, or the IP range. Use the netmask, the portion after the slash (/), to specify the matching subnet.

      6. For example, enter 10.10.10.10/24 to match a 24-bit subnet, or all addresses starting with 10.10.10. This will appear as 10.10.10.0/24 in the access control rule table, with the 0 indicating that any value is matched in that position of the address.

      Similarly, 10.10.10.10/32 will appear as 10.10.10.10/32 and match only the 10.10.10.10 address.

      To match any address, enter 0.0.0.0/0.

    6. Click Create.

    Configuring GeoIP groups

    Starting from 6.2 release, FortiMail utilizes the GeoIP database to map the geolocations of client IP addresses. You can use GeoIP groups in access control rules and IP-based policies to geo-targeting spam and virus devices. For information about access control rules and polices, see Configuring access control rules and Controlling email based on IP addresses.

    You can also override geolocation mappings that may not be correct in the GeoIP database. For details, see Configuring GeoIP override.

    To configure a GeoIP group
    1. Go to Profile > Group > GeoIP Group.
    2. Either click New to add a profile or double-click a profile to modify it.

      3. A dialog appears.

    3. For a new group, enter a name in Group name.

      4. The name must contain only alphanumeric characters. Spaces are not allowed.

    4. Optionally enter a comment.
    5. If you want to create a group to include all countries and regions, enable this option and click Create. Otherwise, disable this option and move the available countries, regions, or override groups to the member list, and click Create. You can have a maximum of 30 countries/regions in one group.

    Configuring GeoIP override

    GeoIP service looks up the IP address geolocations in the GeoIP database. However, in some cases, the lookup might not be accurate, for example, when clients use proxies.

    With FortiMail, you can override the GeoIP lookup by manually specifying the geolocations of some IP addresses/IP ranges. When you create GeoIP groups (see Configuring GeoIP groups), you can use the override geolocations in the groups.

    Note

    When entering IP addresses for GeoIP overrides, only IPv4 addresses are supported.

    To configure GeoIP override
    1. Go to System > FortiGuard > GeoIP Override.
    2. Click New.
    3. Specify a geolocation name for the client IP addresses.
    4. Optionally enter a description.
    5. Click New to specify the IPv4 addresses that you want to include in the geolocation.
    6. Click Create.

    You can test GeoIP lookup by clicking IP Geography Query.

    Previous
    Next