FortiGuard Email Filtering (also called the FortiGuard Antispam Service) Email filtering
FortiGate Version 4.0 MR1 Administration Guide
568 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
If the action in the filter is Mark as Clear, the email is exempt from any remaining filters. If
the action in the filter is Mark as Reject, the email session is dropped. Rejected SMTP or
SMTPS email messages are substituted with a configurable replacement message.
Order of SMTP and SMTPS email filtering
SMTPS email filtering is available on FortiGate units that support SSL content scanning
and inspection.
1 IP address BWL check on last hop IP.
2 DNSBL & ORDBL check on last hop IP, FortiGuard Antispam IP check on last hop IP,
HELO DNS lookup.
3 MIME headers check, E-mail address BWL check.
4 Banned word check on email subject.
5 IP address BWL check (for IPs extracted from “Received” headers).
6 Banned word check on email body.
7 Return email DNS check, FortiGuard Antispam email checksum check, FortiGuard
Antispam URL check, DNSBL & ORDBL check on public IP extracted from header.
Order of IMAP, POP3, IMAPS and POP3S email filtering
IMAPS and POP3S email filtering is available on FortiGate units the support SSL content
scanning and inspection.
1 MIME headers check, E-mail address BWL check.
2 Banned word check on email subject.
3 IP BWL check.
4 Banned word check on email body.
5 Return email DNS check, FortiGuard Antispam email checksum check, FortiGuard
Antispam URL check, DNSBL & ORDBL check.
Email filter controls
Email filters are configured for system-wide use, but enabled on a per profile basis.
Table 55 describes the Email filter settings and where to configure and access them.
To access protection profile Email Filter options, go to Firewall > Protection Profile, select
the Edit icon beside an existing profile, or select Create New. Select Email Filtering.
Table 55: Email filtering and Protection Profile email filtering configuration
Protection Profile Email filtering options Email Filter setting
IP address FortiGuard Email Filtering check System > Maintenance > FortiGuard
Configure the FortiGuard Email Filtering
service. Fortinet has its own DNSBL server
for FortiGuard Antispam that provides spam
IP address and URL blacklists. Fortinet
keeps the FortiGuard Antispam IP and URLs
up-to-date as new spam sources are found.
Enable FortiGuard Email Filtering, check the status
of the FortiGuard Antispam server, view the license
type and expiry date, and configure the cache. For
more information, see “Configuring the FortiGate
unit for FDN and FortiGuard subscription services”
on page 323
IP address BWL check UTM > Email Filter > IP Address
Black/white list check. Configure the
checking of incoming IP addresses against
the configured spam filter IP address list.
Add to and edit IP addresses to the list. You can
configure the action to take as spam, clear, or reject
for each IP address. You can place an IP address
anywhere in the list. The filter checks each IP
address in sequence.
DNSBL & ORDBL check Command line only
To Next Page
Loading...
Need help?
General
