GUI item | Description | |
LDAP user alias / address mapping profile (transparent and gateway mode only) | Select the name of an LDAP profile in which you have enabled and configured, enabling you to expand alias email addresses or replace one email address with another by using an LDAP query to retrieve alias members and/or address mappings. For more information, see “Configuring LDAP profiles”. | |
Mail routing LDAP profile | Enable to perform mail routing, then click the arrow to expand the options and select the name of an LDAP profile in which you have enabled and configured. For more information, see “Configuring LDAP profiles” | |
Remove received header of outgoing email | Enable to remove the Received: message headers from email whose: • sender email address belongs to this protected domain • recipient email address is outgoing (that is, does not belong to this protected domain); if there are multiple recipients, only the first recipient’s email address is used to determine whether an email is outgoing You can alternatively remove this header from any matching email using session profiles. For details, see “Remove received header”. | |
Webmail theme | Select either Use system settings, or the theme that the FortiMail unit will use to display webmail and quarantine folder pages. By default, the FortiMail unit uses the same theme as the web UI. | |
Webmail language | Select either Use system settings, or the language that the FortiMail unit will use to display webmail and quarantine folder pages. By default, the FortiMail unit uses the same language as the web UI. For more information, see “Customizing the GUI appearance”. | |
Maximum message size(KB) | Enable then type the limit in kilobytes (KB) of the message size. Email messages over the threshold size are rejected. Note: When you configure session profile settings under Profile > Session, you can also set the message size limit. Here is how the two settings work together: • For outgoing email (for information about email directions, see “Incoming versus outgoing email messages”), only the size limit in the session profile will be matched. If there is no session profile defined or no IP-based policy matched, the default size limit of 10 MB will be used. • For incoming email, the size limits in both the session profile and domain settings will be checked. If there is no session profile defined or no IP-based policy matched, the default size limit of 10 MB will be compared with the size limit in the domain settings. The smaller size will be used. | |
IP pool | You can use a pool of IP addresses as the source IP address when sending email from this domain, or as the destination IP address when receiving email destined to this domain, or as both the source and destination IP addresses. • If you want to use the IP pool as the source IP address for this protected domain, according to the sender’s email address in the envelope (MAIL FROM:), select the IP pool to use and select Delivering as the Direction. • If you want to use the IP pool as the destination IP address (virtual host) for this protected domain, according to the recipient’s email address in the envelope (RCPT TO:), select the IP pool to use and select Receiving as the Direction. You must also configure the MX record to direct email to the IP pool addresses as well. This feature can be used to support multiple virtual hosts on a single physical interface, so that different profiles can be applied to different host and logging for each host can be separated as well. • If you want to use the IP pool as both the destination and source IP address, select the IP pool to use and select Both as the Direction Note: IP pools are skipped for email delivery between protected domains. Each email that the FortiMail unit sends will use the next IP address in the range. When the last IP address in the range is used, the next email will use the first IP address. If the FortiMail unit is operating in transparent mode, and you have enabled “Hide the transparent box” or “Use client-specified SMTP server to send email”, you cannot use IP pools. For more information on IP pools, see “Configuring IP pools”. | |
Quarantine Report Setting | Click the arrow to expand the quarantine report section. For more information, see “Quarantine Report Setting”. For information on system-wide quarantine report settings, see “Configuring global quarantine report settings”. | |
Send to | You can choose to send the report to the email original recipient, other recipient, or the LDAP group owner. If you choose to send the quarantine report to the LDAP group owner, you can also specify the following conditions: • Only when original recipient is group • When group owner is found, do not send to original recipient | |
Schedule | You can choose to use either the system settings or domain settings. If you choose to use the domain settings, you can specify the schedule here. | |
Template | Choose the quarantine report template to use. For more information about email templates, see “Customizing email templates”. | |
DKIM Setting | This option appears only when you open an existing protected domain for editing. Click the arrow to expand the DKIM setting section. For more information, see “DKIM Setting”. To configure DKIM signing, create the protected domain, save it, then double-click it to modify the protected domain. | |
Disclaimer | Click the arrow to expand the disclaimer section. For more information, see “Disclaimer for a domain”. Note: This option configures a per-domain disclaimer and is only available after you enable Allow per-domain settings when you configure system-wide disclaimer settings. For more information, see “Allow per-domain settings”. | |
SMTP greeting (EHLO/HELO) | Select how the FortiMail unit will identify itself during the HELO or EHLO greeting of outgoing SMTP connections that it initiates. • Use this domain name: The FortiMail unit will identify itself using the domain name for this protected domain. If the FortiMail unit will handle internal email messages (those for which both the sender and recipient addresses in the envelope contain the domain name of the protected domain), to use this option, you must also configure your protected SMTP server to use its host name for SMTP greetings. Failure to do this will result in dropped SMTP sessions, as both the FortiMail unit and the protected SMTP server will be using the same domain name when greeting each other. • Use system host name: The FortiMail unit will identify itself using its own host name. By default, the FortiMail unit uses the domain name of the protected domain. If your FortiMail unit is protecting multiple domains and using IP pool addresses, select Use system host name instead. This setting does not apply if email is incoming, according to the sender address in the envelope, from an unprotected domain. | |