Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Fullmoon
Contributor III

against spoofing and directory harvesting

Here's we want to achieve, only legitimate users could able to send and receive emails. I want to secure my email system against spoofing and directory harvesting and etc.

 

Any additional thoughts is much appreciated. Below is my current config.

 

LDAP Server Config

config profile ldap edit ldap_server set server 192.168.121.254 set port 636 set secure ssl set base-dn DC=domain,DC=com, set bind-dn smfmail set bind-password ENC &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& next

 

Recipient Add verification

config domain-setting

set host 192.168.121.254 set recipient-verification ldap set recipient-verification-profile ldap_server set recipient-verification-background ldap set recipient-verification-background-profile ldap_server config sender-addr-rate-ctrl-exempt end

 

Recipient Policy Inbound

config policy recipient edit 1 set status enable set recipient-type ldap-group set profile-ldap ldap_server set profile-antispam AS_Inbound set profile-content CF_Inbound set profile-antivirus AV_SysQuarantine set profile-resource Res_Default set profile-auth-type ldap set profile-auth-ldap ldap_server set auth-allow-smtp enable next

Recipient Policy Outbound edit 2 set status enable set direction outgoing set sender-type ldap-group set profile-ldap ldap_server set profile-antispam AS_Outbound set profile-antivirus AV_SysQuarantine

Fortigate Newbie

Fortigate Newbie
0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors