FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
article provides a general best practice tip when having SMTP traffic
entering your network and you have intermittences on the email
email service (SMTP) show intermittences like incoming connections
not being established with internal email servers. One of the reason
for this is that email servers currently use severals spam control
mechanisms that block or limit the connections to IP addresses from
where spam messages were injected previously. This cause email
servers to reject SMTP connections when they detect high volume
injection of spam messages from one source (IP address). This
situation sometimes affects the FortiGate operation when NAT is
enabled on firewall policies that allow incoming SMTP traffic and
email server has one of these mechanisms enabled, then intermittences
can happen because the server start to reject connections from the
FortiGate (internal) IP address because server cannot differentiate
one Internet source from another because it only sees the FortiGate
(internal) IP address.
this case NAT needs to be disabled in the firewall policy for the
incoming SMTP traffic to allow email servers to differentiate the source
from each connection.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.