Spam filter
FortiShield
FortiGate-5000 series Administration Guide
01-28008-0013-20050204
335
Order of spam filter operations
Generally, incoming email is passed through the spam filters in the order the filters
appear in the spam filtering options list in a firewall protection profile (and in
Table 31
):
FortiShield, IP address, DNSBL & ORDBL, HELO DNS lookup, email address, return
email DNS check, MIME header, and banned word (content block). Each filter passes
the email to the next if no matches or problems are found. If the action in the filter is
Mark as Spam, the FortiGate unit will tag or discard (SMTP only) the email according
to the settings in the protection profile. If the action in the filter is Mark as Clear, the
email is exempt from any remaining filters. If the action in the filter is Mark as Reject,
the email session is dropped. Rejected SMTP email messages are substituted with a
configurable replacement message. See
“Replacement messages” on page 114
.
The order of spam filter operations may vary between SMTP and IMAP or POP3 traffic
because some filters only apply to SMTP traffic (IP address and HELO DNS lookup).
Also, filters that require a query to a server and a reply (FortiShield and
DNSBL/ORDBL) are run simultaneously. To avoid delays, queries are sent while other
filters are running. The first reply to trigger a spam action will take effect as soon as
the reply is received.
This chapter describes:
•
FortiShield
•
IP address
•
DNSBL & ORDBL
•
Email address
•
MIME headers
•
Banned word
•
Using Perl regular expressions
FortiShield
You can filter Spam with an IP address black list and a URL black list using the
Fortinet FortiShield product.
This section describes:
•
FortiShield Spam filtering
•
FortiShield options
•
Configuring the FortiShield cache
•
FortiShield CLI configuration
FortiShield Spam filtering
FortiShield is an antispam system from Fortinet that includes an IP address black list,
a URL black list, and spam filtering tools. The IP address black list contains IP
addresses of email servers known to be used to generate Spam. The URL black list
contains URLs of website found in Spam email.
Summary of Contents for FortiGate FortiGate-5020
Page 86: ...86 01 28008 0013 20050204 Fortinet Inc Dynamic IP System DHCP ...
Page 118: ...118 01 28008 0013 20050204 Fortinet Inc FortiManager System Config ...
Page 254: ...254 01 28008 0013 20050204 Fortinet Inc CLI configuration User ...
Page 318: ...318 01 28008 0013 20050204 Fortinet Inc CLI configuration Antivirus ...
Page 350: ...350 01 28008 0013 20050204 Fortinet Inc Using Perl regular expressions Spam filter ...
Page 370: ...370 01 28008 0013 20050204 Fortinet Inc CLI configuration Log Report ...
Page 382: ...382 01 28008 0013 20050204 Fortinet Inc Glossary ...
Page 402: ...402 01 28008 0013 20050204 Fortinet Inc Index ...