FortiMail 100C operating in server mode / Adding a domain as a backup

Forum|Forum|7 years ago
December 14, 2018
1 reply
5437 views

Hello everyone,

I use a FortiMail 100C in server mode.

In this operation mode, is it possible to add a new domain as a backup mail exchanger so that the FortiMail unit will accept mails for this domain in case the primary mail exchanger is down or unreachable and pass the mails on to the primary MX once that one is up again.

Thanks,

Carl_Windsor_FTNT

Staff

No this is not possible, we are considering this DR scenario for a future release. Please feed back your interest to your FortiMail account team.

ede_pfau

SuperUser

Maybe I'm too unexperienced, but why would that not be possible?

In a MX record you state at least one IP address. You can give 2 addresses for failover.

If the second address would point to the FML, the FML would never receive any mail until mail clients run into an 'unreachable' problem with the primary address, and resend to the secondary address.

Am I assuming wrong here?

KPS

New Member

Hi!

I can 95% agree to what ede_pfau wrote:

There should be no problem to setup a second FortiMail as MX with higher metric. The "second-MX" can send the mails to an upstream MTA (the first FortiMail) and can hold mails in it's queue, when the first MTA is not reachable for some time.

Option 2: The second FortiMail can send the mails to the same upstream-system, as the primary-one (e.g. Exchange-server).

But:

1. Problems:

You have no central config-instance. You need to setup both systems.

2. (the 5%, I do not agree to ede_pfau):

Some MTAs, that are not configured RFC-compliant to not only use the MX-record with the lowest metric. So, you will see some mails on the "backup-Fortimail".

MANY spammers try to bypass spam-filters on sending mails to the backup-MX-records.

Both should not be an issue.

Regards,

KPS

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded