Configuring The Ip-Based Policies - Fortinet FortiMail-100 Install Manual

Secure messaging platform

Hide thumbs Also See for FortiMail-100:

Quick start manual (2 pages)

Quick start manual (2 pages)

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

Table of Contents

Example 3: FortiMail unit for an ISP or carrier

Configuring the IP-based policies

136

Connection Settings

Hide this box from the

mail server

(transparent mode only)

Do not let client connect

to blacklisted SMTP

servers

(transparent mode only)

Endpoint

Reputation

Enable Endpoint

Reputation

Action

Auto blacklist score

trigger value

Auto blacklist duration

Session Settings

Prevent encryption of the

session

(transparent mode only)

Unauthenticated Session

Settings

Prevent open relaying

(transparent mode only)

5 Select OK.

Session profiles are applied to IP-based policies governing SMTP client connections.

Enable to preserve the IP address or domain name of the

SMTP client in:

•

the SMTP greeting (HELO/EHLO) and in the Received:

message headers of email messages

•

the IP addresses in the IP header

This masks the existence of the FortiMail unit.

Enable to prevent clients from connecting to SMTP servers

that have been blacklisted in antispam profiles or, if enabled,

the FortiGuard AntiSpam service.

Enable to accept, monitor, or reject email based upon endpoint

reputation scores.

This option is designed for use with SMTP clients with

dynamic IP addresses. It requires that your RADIUS server

provide mappings between dynamic IP addresses and

MSISDNs/subscriber IDs to the FortiMail unit.

Select either:

•

Reject: Reject email and MMS messages from

MSISDNs/subscriber IDs whose endpoint reputation

scores exceed Auto blacklist score trigger value.

•

Monitor: Log, but do not reject, email and MMS messages

from MSISDNs/subscriber IDs whose endpoint reputation

scores exceed Auto blacklist score trigger value. Log

entries appear in the history log.

Enter the endpoint reputation score over which the FortiMail

unit will add the MSISDN/subscriber ID to the automatic

blacklist.

The trigger score is relative to the period of time configured as

the automatic blacklist window. For more information on the

automatic blacklist window, see the

Guide.

Enter the number of minutes that an MSISDN/subscriber ID

will be prevented from sending email or MMS messages after

they have been automatically blacklisted.

Enable to block STARTTLS/MD5 commands so that email

connections cannot be TLS-encrypted.

Enable to prevent clients from using open relays to send email

by blocking sessions that are unauthenticated.

(Unauthenticated sessions are assumed to be occurring to an

open relay.)

If you permit SMTP clients to use open relays to send email,

email from their domains could be blacklisted by other SMTP

servers.

FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide

Transparent mode deployment

FortiMail Administration

Revision 2

http://docs.fortinet.com/

•

Feedback

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Fortimail-400 Fortimail-100c Fortimail-2000a Fortimail-5001a Fortimail-2000b Fortimail-4000a

Configuring The Ip-Based Policies - Fortinet FortiMail-100 Install Manual

Configuring the IP-based policies

Hide quick links:

Troubleshooting

Related Manuals for Fortinet FortiMail-100

Related Content for Fortinet FortiMail-100

This manual is also suitable for:

Table of Contents