firewall : mms-profile : config dupe {mm1 | mm4}
 
config dupe {mm1 | mm4}
Duplicate MMS messages can result from bulk MMS messages, MMS spam, attacks, or other issues.
You can use the config dupe subcommand to detect and act on MMS duplicate messages. Thresholds that define excessive duplicate messages and response actions are both configurable.
You can configure MMS duplicate message detection for MM1 messages using config dupe mm1 and for MM4 messages using config dupe mm4.
There are four threshold settings each for mm1 and mm4. The integer at the end of each command indicates which threshold you are configuring. By default, only the first threshold is available for configuration. Enable status2 to gain access to the second threshold. Then enable status3 to gain access to the third threshold. Finally, enable status 4 to gain access to the fourth threshold. They must be enabled in sequence.
 
Variable
Description
Default
action1 {alert‑notif archive archive-first block intercept log}
Select the actions to take, if any, when excessive duplicate messages are detected. To select more than one action, separate each action with a space.
alert-notif — Enable to have the FortiGate unit send a notification message If this threshold is exceeded.
archive — Archive duplicates in excess of the configured threshold.
archive-first — Archive the first duplicate in excess of the configured threshold.
block — Block and intercept excess duplicates. If block is selected, messages are also intercepted, even if intercept is not selected.
intercept — Intercept excess duplicates.
log — Log excess duplicates. This option takes effect only if logging is enabled for bulk MMS message detection. See “log-antispam-mass-mms {enable | disable}”.
This option appears only if status is set to enable for the MMS interface.
archive block intercept log
block-time1 <minutes_int>
Enter the amount of time in minutes during which the FortiGate unit will perform the action after a message flood is detected.
This option appears only if status is enable for the MMS interface.
100
limit1 <duplicatetrigger_int>
Enter the number of messages which signifies excessive message duplicates if exceeded within the window.
This option appears only if status is enable for the MMS interface.
100
protocol1
The MMS interface that you are configuring. protocol can be mm1 or mm2 depending on whether you entered config dupe mm1 or config dupe mm4.
This variable can be viewed with the get command, but cannot be set.
.
status1 {enable | disable}
Select to detect and act upon duplicate MMS messages.
disable
status2 {enable | disable}
Enable to gain access to the second set of threshold configuration settings.
disable
window1 <minutes_int>
Enter the period of time in minutes during which excessive message duplicates will be detected if the limit is exceeded.
This option appears only if status is enable for the protocol (MM1 or MM4).
60