FortiGate Version 3.0 MR4 Administration Guide
382 01-30004-0203-20070102
Antispam Antispam
3 IP BWL check
4 Banned word check on email body
5 Return e-mail DNS check, FortiGuard AntiSpam check, RBL & ORDBL check
For SMTP, POP3, and IMAP
Filters requiring a query to a server and a reply (FortiGuard Antispam Service and
DNSBL/ORDBL) are run simultaneously. To avoid delays, queries are sent while
other filters are running. The first reply to trigger a spam action takes effect as
soon as the reply is received.
Each spam filter passes the email to the next if no matches or problems are found.
If the action in the filter is Mark as Spam, the FortiGate unit will tag or discard
(SMTP only) the email according to the settings in the protection profile. If the
action in the filter is Mark as Clear, the email is exempt from any remaining filters.
If the action in the filter is Mark as Reject, the email session is dropped. Rejected
SMTP email messages are substituted with a configurable replacement message.
Anti-spam filter controls
Spam filters are configured for system-wide use, but enabled on a per profile
basis.
Table 41 describes the Antispam settings and where to configure and access
them.
Table 41: AntiSpam and Protection Profile spam filtering configuration
Protection Profile spam filtering options AntiSpam setting
IP address FortiGuard-Antispam check System > Maintenance >
FortiGuard Centre
Enable or disable Fortinet’s antispam service
called FortiGuard-Antispam. FortiGuard-
Antispam is Fortinet’s own DNSBL server
that provides spam IP address and URL
blacklists. Fortinet keeps the FortiGuard-
Antispam IP and URLs up-to-date as new
spam source are found.
Enable FortiGuard-Antispam, check the
status of the FortiGuard-Antispam server,
view the license type and expiry date, and
configure the cache. For details, see
“Configuring the FortiGate unit for FDN
and FortiGuard services” on page 162
IP address BWL check AntiSpam > Black/White List > IP Address
Black/white list check. Enable or disable
checking incoming IP addresses against the
configured spam filter IP address list. (SMTP
only.)
Add to and edit IP addresses to the list.
You can configure the action to take as
spam, clear, or reject for each IP address.
You can place an IP address anywhere in
the list. The filter checks each IP address
in sequence. (SMTP only.)
DNSBL & ORDBL check Command line only
Enable or disable checking email traffic
against configured DNS Blackhole List
(DNSBL) and Open Relay Database List
(ORDBL) servers.
Add or remove DNSBL and ORDBL
servers to and from the list. You can
configure the action to take as spam or
reject for email identified as spam from
each server (SMTP only).
DNSBL and ORDBL configuration can only
be changed using the command line
interface. For more information, see the
FortiGate CLI Reference.
HELO DNS lookup n/a