Characteristics Of Server Mode - Fortinet FortiMail-100 Install Manual

Secure messaging platform

Hide thumbs Also See for FortiMail-100:

Quick start manual (2 pages)

Quick start manual (2 pages)

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

Table of Contents

Choosing the operation mode

Characteristics of server mode

FortiMail™ Secure Messaging Platform Version 4.0 Patch 1 Install Guide

Revision 2

http://docs.fortinet.com/

•

Feedback

FortiMail units operating in transparent mode provide a web-based user interface from

which email users can access personal preferences and email quarantined to their per-

recipient quarantine. However, FortiMail units operating in transparent mode do not locally

host mailboxes such as each email user's inbox, which are instead stored on protected

email servers.

By default, FortiMail units operating in transparent mode are configured as a bridge, with

all network interfaces on the same subnet. You can configure out-of-bridge network

interfaces if you require them, such as if you have some protected email servers that are

not located on the same subnet.

Transparent mode usually requires no changes to an existing network. Requirements

include that the FortiMail unit must be physically inline between the protected email server

and all SMTP clients — unlike gateway mode, because FortiMail units operating in

transparent mode are invisible, clients cannot be configured to route email directly to the

FortiMail unit, and so it must be physically placed where it can intercept the connection.

Figure 25: Example transparent mode topology

Protected Domain:

@example.com

Transparent Mode

port2

port1

Internal Email Server

172.16.1.10

Email Domain:

example.com IN MX 10 mail.example.com

@example.com

Caution: Do not connect two ports to the same VLAN on a switch or the same hub. Some

Layer 2 switches become unstable when they detect the same media access control (MAC)

address originating on more than one network interface on the switch, or from more than

one VLAN.

For example, a school might want to install a FortiMail unit to protect its mail server, but

does not want to make any changes to its existing DNS and SMTP client configurations or

other network topology. Therefore, the school installs the FortiMail unit in transparent

mode.

For sample deployment scenarios, see the chapter

page

119.

When operating in server mode, the FortiMail is a stand-alone email server. The FortiMail

unit receives email messages, scans for viruses and spam, then delivers email to its email

users' mailboxes. External MTAs connect to the FortiMail unit, which itself is also the

protected email server.

Local Email Users

Router

10.10.10.1

Internet

Private DNS Server

Public DNS Server

example.com IN MX 10 mail.example.com

mail IN A 172.16.1.10

mail IN A 10.10.10.1

"Transparent mode deployment" on

Characteristics of server mode

External

Email Server

Remote Email Users

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Fortimail-400 Fortimail-100c Fortimail-2000a Fortimail-5001a Fortimail-2000b Fortimail-4000a

Characteristics Of Server Mode - Fortinet FortiMail-100 Install Manual

Characteristics of server mode

Hide quick links:

Troubleshooting

Related Manuals for Fortinet FortiMail-100

Related Content for Fortinet FortiMail-100

This manual is also suitable for:

Table of Contents