Skip to main content
urvasjets
urvasjets
New Member
June 18, 2022
Question

Question - FortiMail Cloud

  • June 18, 2022
  • 2 replies
  • 1316 views

Hi guys!

I've been looking into the cloud version of FortiMail appliance, but I've a question that I'm sure someone knows the answer (I'm sure it is a "easy" question).

Configuring the FortiMail Cloud is the same as configuring a physical / virtual appliance "in house" where the mail server is, the thing is, in this setup all the inbound SMTP traffic is port forwarded to the FortiMail before reaching the email server, causing 100% of the emails to pass by the FortiMail first.

But with FortiMail Cloud, although the MX Records will point to the cloud appliance, the mail server will have to be exposed to the internet in order to receive the inbound emails from the cloud appliance, making it possible for someone to deliver emails directly to the mail server, if they know the public IP. Is there any specific implementation setup recommended to avoid exposing the mail server to the internet? Or the only solution is using a firewall to only allow inbound SMTP traffic from the cloud appliance?

Thanks!

2 replies

A
Anonymous_User
Contributor
June 20, 2022

Hello @urvasjets ,

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

A
Anonymous_User
Contributor
June 22, 2022

Hello @urvasjets ,

 

As per my research on your query, I would suggest adding the trusted host which is the IP address of the administrator. This can be configured under System > Administrator.

 

"In the Trusted Hosts fields, enter an IPv4 or IPv6 address or subnet that the administrator can use to log in. To allow the administrator to access FortiMail from any IP address. Enter 0.0.0.0 / 0.0.0.0.  To add more trusted hosts, click the + (plus) icon."

 

Screenshot 2022-06-22 122619.png

 

Also, you can add a firewall in front of the Fortimail restricting DDoS attacks.


Please check the links below which are helpful for Fortimail configuration.

 

https://docs.fortinet.com/document/fortimail/7.2.0/administration-guide/381666/controlling-smtp-access-and-delivery

 

https://docs.fortinet.com/document/fortimail/7.2.0/administration-guide/245732/fortimail-operation-modes

 

https://docs.fortinet.com/document/fortimail/6.4.0/administration-guide/40774/configuring-protected-domains#:~:text=Protected%20domains%20define%20connections%20and,email%20addresses%20in%20the%20envelope

 

Let me know if the above helps.

 

Thanks,

 

Terms & ConditionsAccessibility statement