spamfilter : fortishield
Use this command to configure the settings for the FortiGuard-Antispam Service.
The FortiGate email filters are applied in the following order:
1. IP address BWL check - Last hop IP
2. DNSBL & ORDBL check, IP address FortiGuard check, HELO DNS lookup
3. E-mail address BWL check
4. MIME headers check
5. IP address BWL check (for IPs extracted from “Received” headers)
6. Return e-mail DNS check, FortiGuard Antispam check (for IPs extracted from “Received” headers, and URLs in email content)
7. Banned word check
For POP3 and IMAP
1. E-mail address BWL check
2. MIME headers check, IP BWL check
3. Return e-mail DNS check, FortiGuard Antispam check, DNSBL & ORDBL check
4. Banned word check
For SMTP, POP3, and IMAP
FortiGuard-Antispam Service is an antispam system from Fortinet that includes an IP address black list, a URL black list, and email filtering tools. The IP address black list contains IP addresses of email servers known to be used to generate Spam. The URL black list contains found in Spam email.
FortiGuard-Antispam Service compiles the IP address and URL list from email captured by spam probes located around the world. Spam probes are email addresses purposely configured to attract spam and identify known spam sources to create the antispam IP address and URL list. FortiGuard-Antispam Service combines IP address and URL checks with other email filter techniques in a two-pass process.
On the first pass, if spamfsip is selected in the profile, FortiGuard-Antispam Service extracts the SMTP mail server source address and sends the IP address to a FortiGuard-Antispam Service server to see if this IP address matches the list of known spammers. If spamfsurl is selected in the profile, FortiGuard-Antispam Service checks the body of email messages to extract any URL links. These URL links will be sent to a FortiGuard-Antispam Service server to see if any of them is listed. Typically spam messages contain URL links to advertisements (also called spamvertizing).
If an IP address or URL match is found, FortiGuard-Antispam Service terminates the session. If FortiGuard-Antispam Service does not find a match, the mail server sends the email to the recipient.
As each email is received, FortiGuard-Antispam Service performs the second antispam pass by checking the header, subject, and body of the email for common spam content. If FortiGuard-Antispam Service finds spam content, the email is tagged or dropped.
config spamfilter fortishield
set spam-submit-force {enable | disable}
set spam-submit-srv <url_str>
set spam-submit-txt2htm {enable | disable}
spam-submit-force {enable | disable}
Enable or disable force insertion of a new mime entity for the submission text.
spam-submit-srv <url_str>
The host name of the FortiGuard-Antispam Service server. The FortiGate unit comes preconfigured with the host name. Use this command only to change the host name.
spam-submit-txt2htm {enable | disable}
Enable or disable converting text email to HTML.