Configuring profiles : Configuring antispam profiles and antispam action profiles : Managing antispam profiles : Configuring DNSBL options
Configuring DNSBL options
In addition to supporting Fortinet’s FortiGuard Antispam DNSBL service, the FortiMail unit supports third-party DNS blocklist servers. You can enable DNSBL filtering as part of the antispam profile, and define multiple DNSBL servers for each antispam profile. Consult the third-party DNSBL service providers for any conditions and restrictions.
DNSBL scans examine the IP address of the SMTP client that is currently delivering the email message. If the Enable Block IP to query for the blocklist status of the IP addresses of all SMTP servers appearing in the Received: lines of header lines. option located in the Deep header section is enabled, DNSBL scan will also examine the IP addresses of all other SMTP servers that appear in the Received: lines of the message header. For more information, see “Configuring FortiGuard options”.
DNSBL scans do not examine private network addresses, which are defined in RFC 1918.
The DNSBL section of antispam profiles lets you configure the FortiMail unit to query one or more DNS block list (DNSBL) servers to determine if the IP address of the SMTP client has been blocklisted. If the IP address is blocklisted, the FortiMail unit treats the email as spam and performs the associated action.
To configure DNSBL scan options
1. When configuring an antispam profile, enable DNSBL in the AntiSpam Profile dialog.
2. From Action, select the action profile that you want the FortiMail unit to use if the DNSBL scan finds spam email.
For more information, see “Configuring antispam action profiles”.
3. Next to DNSBL click Configuration.
A pop-up window appears where you can enter the domain names of DNSBL servers to use with this profile.
4. To add a new DNSBL server address, click New and type the address in the field that appears.
Since the servers are queried from top to bottom, you may want to put the reliable servers with less traffic to the top of the list. Click the drop-down menu in the title bar to sort the entries.
5. Select a server from the list and click OK.
The pop-up window closes.
 
Closing the pop-up window does not save the antispam profile and its associated DNSBL server list. To save changes to the DNSBL server list, in the antispam profile, click OK before navigating away to another part of the web UI.
6. Continue to the next section, or click Create or OK to save the antispam profile.