This article describes how to troubleshoot the unable resolve DNS to the mail server from FortiAnalyzer.
FortiManager / FortiAnalyzer.
Test the connectivity of ForiAnalyzer with the mail server with the CLI command below:
# diagnose test connection mailserver <server-name> <mail-from> <mail-to>
The test results will provide the error highlighted in red below:
FAZ # diagnose test connection mailserver test firstname.lastname@example.org email@example.com
Testing SMTP server test, please wait...
* Could not resolve host: test
* Closing connection 0
Failed to send a test email to firstname.lastname@example.org through test.
Please check your configuration.
Command fail. Return code 6
1) Go to System Setting -> Advanced -> Mail Server, 'Right-click' the mail server and test.
2) Enter the email address used to test in 'from' and 'to', and select 'OK'.
Diagnose with the CLI command will provide an error message to ease the troubleshooting process as shown in example below:
Ensure FortiAnalyzer is able to connect to the DNS server.
FAZ # exe ping 184.108.40.206
exe ping 220.127.116.11
PING 18.104.22.168 (22.214.171.124): 56 data bytes
64 bytes from 126.96.36.199: seq=0 ttl=118 time=1.584 ms
64 bytes from 188.8.131.52: seq=1 ttl=118 time=2.905 ms
64 bytes from 184.108.40.206: seq=2 ttl=118 time=2.846 ms
64 bytes from 220.127.116.11: seq=3 ttl=118 time=2.738 ms
--- 18.104.22.168 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 1.584/2.518/2.905 ms
If the Internet is down, check the hardware and routing of FortiAnalyzer
Ensure FortiAnalyzer able to resolve DNS to the mail server.
FAZ # exe ping google.com
ping: bad address 'google.com'
If FortiAnalyzer is unable to resolve DNS, make the configuration to a working DNS server as shown below:
# config sys dns
set primary <Primary DNS Server>
set secondary <Secondary DNS Server>
If both methods are working, ping the mail server and ensure the mail server is up.
FAZ # exe ping email@example.com
PING google.com (22.214.171.124): 56 data bytes
64 bytes from 126.96.36.199: seq=0 ttl=118 time=3.115 ms
64 bytes from 188.8.131.52: seq=1 ttl=118 time=2.519 ms
64 bytes from 184.108.40.206: seq=2 ttl=118 time=2.988 ms
64 bytes from 220.127.116.11: seq=3 ttl=118 time=2.467 ms
Check the port configuration for the mail server. By default, port TCP/25 is configured for SMTP.
If port TCP/587 (SMTPS) are configured, make sure the following configuration is done as well:
# config system mail
set secure-option smtps
Ensure the upstream firewall has allowed ports TCP/25 & port TCP/587.
If none of the methods above resolve the issue, run the debug flow below and collect information for TAC support.
# diagnose debug application fazmaild 255
# diagnose debug enable
To stop the debug flow:
# diagnose debug disable
# diagnose debug reset
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.