Configuring IBE authentication
When mail recipients of the IBE domains access the FortiMail unit after receiving a secure mail notification:
• recipients of the IBE domains without LDAP authentication profiles need to register to view the email
• recipients of the IBE domains with LDAP authentication profiles just need to authenticate because the FortiMail unit can query the LDAP servers for authentication information based on the LDAP profile
In both cases, the FortiMail unit will record the domain names of the recipients who register or authenticate on it under the
IBE Domain tab. For details, see
“Viewing and managing IBE domains”.
Go to
User > IBE User > IBE Authentication to bind domains with LDAP authentication profiles with which the FortiMail unit can query the LDAP servers for authentication, email address mappings, and more. For more information about LDAP profiles, see
“Configuring LDAP profiles”.
To configure IBE authentication rules
1. Go to User > IBE User > IBE Authentication.
2. Configure the following and click Create.
GUI item | Description |
ID | Displays the sequential number of the entry. |
Domain pattern | Enter a domain name that you want to bind to an LDAP authentication profile. If you want all IBE users to authenticate through an LDAP profile and do not want other non-LDAP-authenticated users to get registered on FortiMail, you can use wildcard * for the domain name and then bind it to an LDAP profile. For more information about LDAP profiles, see “Configuring LDAP profiles”. |
LDAP profile | Select the LDAP profile you want to use to authenticate the domain users. |
Status | Select to enable this rule. |