Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JacksonCountyIT
New Contributor

Multiple Domains

Hello, oh great ones.

We currently have our fortimail systems setup to receive email and send email from out current domain, jacksoncounty.org. The messages come in and then get processed and on to our internal exchange servers just fine. 

We are going to be moving to different domain, jacksoncounty.gov or such like that shortly. I have added the domain on the exchange back end and given out the address policy to the test users. But the questions and concerns from my boss and myself is getting them in out of fortimail. I know i can setup a second protected domain and then create all the recipient policies for inbound and outbound, change the patterns to be the new format and all good.

 

Now comes the part not sure on, when connection is made to the system how will it respond to the hello? if it responds with xxx.jacksoncounty.org info for an email for jacksoncounty.gov email that could cause issues correct?

 

Another is with secure connections, a secure connection comes in to the system, how does it know to use the certificate for the new domain, *.jacksoncounty.gov and not the default one that is currently set in the system for the domain that is being processed now. (I will load our new cert into the system along side our current cert already in the system) I did not see a place in the domains to have it select a different cert and i did not see a place in the certificate locations to set one for a domain there. 

 

Any help, ideas, or pointers would be greatly appreciated. If anyone knows of someone who has done this, or a company that helps with this type of thing would be great also.

 

James
Jackson County IT

1 REPLY 1
gfleming
Staff
Staff

You can configure multiple protected domains, absolutely: https://docs.fortinet.com/document/fortimail/7.2.2/administration-guide/40774/configuring-protected-...

 

The FortiMail unit will respond appropriately based on which domain is being sent to.

 

And here's more info on how TLS works within FortiMail: https://docs.fortinet.com/document/fortimail/7.2.2/administration-guide/801569/appendix-e-working-wi...

 

I believe if you have a certificate imported for the domain the FML will select it automatically for StartTLS or SMTPS

 

 

Cheers,
Graham
Top Kudoed Authors