Administration Guide

• Email concepts and process workflow
  • Email protocols
  • Client-server connections in SMTP
  • DNS role in email delivery
  • How FortiMail processes email
  • FortiMail operation modes
  • FortiMail high availability
  • FortiMail management methods
• Setting up the FortiMail system
  • Connecting to the GUI or CLI
  • Choosing the operation mode
  • Running the Quick Start Wizard
  • Connecting to FortiGuard services
  • Gateway mode deployment
  • Transparent mode deployment
  • Server mode deployment
  • Testing the installation
  • Backing up the configuration
• Using the dashboard
  • Viewing the dashboard
  • Using the CLI Console
• Using FortiView
  • Viewing mail statistics
  • View threat statistics
  • View outbreak statistics
  • Viewing top user statistics
  • Viewing current IP sessions
• Monitoring the system
  • Viewing log messages
  • Managing the quarantines
  • Managing the mail queue
  • Viewing DMARC report statistics
    • Viewing the DMARC and SPF report summary
    • Viewing details about DMARC and SPF report statistics
  • Viewing the greylist statuses
  • Viewing sender, authentication and endpoint reputation
  • Managing archived email
  • Viewing reports
• Centrally monitoring the HA cluster
  • Viewing the cluster status
  • Viewing HA cluster mail statistics
  • Viewing HA cluster threat statistics
  • Searching the HA cluster logs
• Configuring system settings
  • Configuring network settings
  • Configuring administrator accounts and access profiles
  • Configuring system time, options, and other system options
  • Configuring mail settings
  • Customizing GUI, custom messages, email templates, and Security Fabric
  • Configuring single sign-on (SSO)
  • Configuring RAID
  • Using high availability (HA)
  • Managing certificates
  • Using FortiNDR malware inspection
  • Using FortiSandbox antivirus inspection
  • Configuring FortiGuard services and licensed features
    • Configuring licensed features
      • Configuring image analysis
  • System maintenance
  • System utility
• Configuring domains and users
  • Configuring protected domains
  • Managing users
  • Configuring user aliases
  • Configuring address mappings
  • Configuring IBE users
  • Configuring the address book
  • Sharing calendars and address books (server mode only)
  • Migrating email from other mail servers (server mode only)
• Configuring policies
  • What is a policy?
  • How to use policies
  • Controlling SMTP access and delivery
  • Controlling email based on IP addresses
  • Controlling email based on sender and recipient addresses
• Configuring profiles
  • Configuring session profiles
  • Configuring antispam profiles and actions
    • Configuring antispam profiles
      • Batch editing antispam profiles
    • Configuring impersonation profiles
      • Enabling impersonation analysis dynamic scanning
    • Configuring cousin domain profiles
    • Configuring weighted analysis profiles
    • Configuring antispam action profiles
  • Configuring antivirus profiles, file signatures, and actions
    • Configuring antivirus profiles
    • Configuring file signatures
    • Configuring antivirus action profiles
  • Configuring content profiles and content action profiles
  • Configuring replacement message profiles and variables
  • Configuring resource profiles
  • Workflow to enable and configure authentication of email users
  • Configuring authentication profiles
  • Configuring LDAP profiles
  • Configuring dictionary profiles
  • Configuring security profiles
  • Configuring IP pools
  • Configuring email, IP and GeoIP groups
  • Configuring notification profiles
• Configuring security settings
  • Configuring URL filter profiles
    • Configuring custom URL rating categories
    • Configuring URL rating overrides
    • About URL types
  • Configuring a threat feed
    • Types and file formats of threat feeds
  • Configuring content disarming and reconstruction
  • Configuring authentication reputation
  • Configuring email quarantines and quarantine reports
  • Configuring the block lists and safe lists
  • Configuring greylisting
  • Configuring bounce verification and tagging
  • Configuring sender rewriting scheme
  • Configuring endpoint reputation
  • Configuring preferences
  • Training and maintaining the Bayesian databases
• Configuring encryption settings
  • Configuring IBE encryption
  • Configuring certificate bindings
• Configuring data loss prevention
  • DLP configuration workflow
  • Defining the sensitive data
  • Configuring DLP rules
  • Configuring DLP profiles
• Archiving email
  • Email archiving workflow
  • Configuring email archiving accounts
  • Configuring email archiving policies
  • Configuring email archiving exemptions
• Logs, reports, and alerts
  • About FortiMail logging
  • Configuring logging
  • Configuring report profiles and generating reports
  • Configuring alert email
• Microsoft 365, Exchange and Google Workspace threat remediation
  • Microsoft 365, Exchange, and Google Workspace protection workflow
  • Configuring accounts
  • Configuring scanning policies
  • Configuring profiles
  • Monitoring log messages
• Managing firmware and configuration
  • Testing firmware before installing it
  • Installing firmware
  • Clean installing firmware
  • Upgrading firmware on HA units
• Best practices and fine tuning
  • General security tuning
  • System security tuning
  • Network topology tuning
  • High availability (HA) tuning
  • SMTP connectivity tuning
  • Antispam tuning
  • Policy tuning
  • System maintenance tips
  • Performance tuning
• Troubleshooting
  • Establish a system baseline
  • Define the problem
  • Search for a known solution
  • Create a troubleshooting plan
  • Gather system information
  • Troubleshoot hardware issues
  • Troubleshoot GUI and CLI connection issues
  • Troubleshoot FortiGuard connection issues
  • Troubleshoot MTA issues
  • Troubleshoot antispam issues
  • Troubleshoot HA issues
  • Troubleshoot resource issues
  • Troubleshoot bootup issues
  • Troubleshoot installation issues
  • Contact Fortinet customer support for assistance
• Setup for email users
  • Training Bayesian databases
  • Managing tagged spam
  • Accessing the personal quarantine and webmail
  • Sending email from an email client (gateway and transparent mode)
• Appendix A: Supported RFCs
• Appendix B: Maximum Values
• Appendix C: Port Numbers
• Appendix D: Wildcards and regular expressions
  • Special characters with regular expressions and wildcards
  • Case sensitivity
  • Modifiers
  • Word boundary
  • Syntax
  • Example regular expressions
• Appendix E: Working with TLS/SSL
  • About TLS/SSL
  • How TLS/SSL works
  • FortiMail support of TLS/SSL
  • Troubleshooting FortiMail TLS issues
• Appendix F: PKI Authentication
  • Introduction to PKI authentication
  • FortiMail PKI architecture
  • Configuring PKI authentication on FortiMail
• Change log