Web Portal Authentication in FortiMail with G Suites


In this recipe we’ll explore how FortiMail can be configured to authenticate G-Suite users accessing their personal spam digest portal to review & release quarantined messages and/or reviewing their personal profile settings.   

NOTE: This document is based on FortiMail 5.4 release.

 Enabling POP3 and IMAP

First we will need to enable POP3 and IMAP access in the Google Admin console.

  1. Sign in to your Google Admin console
  2. Go to  AppsG Suite >Gmail Advanced Settings.
  3. Select the organization unit you want to configure in the Organization section.
  4. Select or clear the check boxes for Disable POP and IMAP access for all users in the domain. This setting is enabled by default.

 Creating a SMTP Authentication Profile

Now you will need to create a new SMTP Authentication Profile on FortiMail (release 5.4.x).

  1. Go to Profile Authentication SMTP.
  2. Select New.
  3. Enter “Gsuites-SMTP_Auth” in the Profile name section.
  4. Enter “smtp.gmail.com” in the Server name/IP section.
  5. Enter 587 in the Server port section.
  6. Disable Use generic LDAP mail host if available.
  7. Enable SSL/TLS and Server requires domain.
  8. Select Create.

 Establishing Authentication

Now we will need to edit an existing recipient policy.

  1. Go to Policy > Recipient Policy > Inbound.
  2. Select your existing policy and select Edit.
  3. Expand the Authentication and Access section.
  4. Select SMTP from the Authentication type dropdown menu.
  5. Select “Gsuites-SMTP_AUTH” from the Authentication profile dropdown menu.
  6. Select OK.