Configuring profiles : Configuring dictionary profiles
Configuring dictionary profiles
The Profiles tab lets you configure dictionary profiles.
Unlike banned words, dictionary terms are UTF-8 encoded, and may include characters other than US-ASCII characters, such as é or ñ.
Dictionary profiles can be grouped or used individually by antispam or content profiles to detect spam, banned content, or content that requires encryption to be applied. For more information on content profiles and antispam profiles, see “Configuring antispam profiles and antispam action profiles” and “Configuring content profiles and content action profiles”.
A dictionary can contain predefined and/or user-defined patterns.
The FortiMail unit comes with the following six predefined patterns. You can edit a predefined pattern and edit or delete a user-defined pattern by selecting it and then clicking the Edit or Delete icon.
If a pattern is enabled, the FortiMail unit will look for the template/format defined in a pattern. For example, if you enable the Canadian SIN predefined pattern, the FortiMail unit looks for the three groups of three digits defined in this pattern. This is useful when you want to use IBE to encrypt an email based on its content. In such cases, the dictionary profile can be used in a content profile which is included in a policy to apply to the email. For more information about IBE, see “Configuring IBE encryption”.
 
Table 44: Predefined patterns
Canadian SIN
Canadian Social Insurance Number. The format is three groups of three digits, such as 649 242 666.
US SSN
United States Social Security number. The format is a nine digit number, such as 078051111.
Credit Card
Major credit card number formats.
ABA Routing
A routing transit number (RTN) is a nine digit bank code, used in the United States, which appears on the bottom of negotiable instruments such as checks identifying the financial institution on which it was drawn.
CUSIP
CUSIP typically refers to both the Committee on Uniform Security Identification Procedures and the 9-character alphanumeric security identifiers that they distribute for all North American securities for the purposes of facilitating clearing and settlement of trades.
ISIN
An International Securities Identification Number (ISIN) uniquely identifies a security. Securities for which ISINs are issued include bonds, commercial paper, equities and warrants. The ISIN code is a 12-character alpha-numerical code that does not contain information characterizing financial instruments but serves for uniform identification of a security at trading and settlement.
To access this part of the web UI, your administrator account’s access profile must have Read or Read-Write permission to the Policy category. For details, see “About administrator account permissions and domains”.
To view the list of dictionary profiles
1. Go to Profile > Dictionary > Dictionary.
 
 
GUI item
Description
Export
(button)
Select one dictionary check box and click Export. Follow the prompts to save the dictionary file.
Note that you can only export one dictionary at a time.
Import
(button)
Select one dictionary check box and then click the import button to import dictionary entries into the existing dictionary. In the dialog, click Browse to locate a dictionary in text format. Click OK to upload the file.
Note that you can only select one dictionary at a time and you can only import dictionary entries into an existing dictionary.
Name
Displays the dictionary name.
2. Click New to create a new profile or double-click a profile to modify it.
A two-part page appears.
3. For a new profile, type its name.
4. To enable or edit a predefined pattern:
Double-click a pattern in Smart Identifiers.
A dialog appears.
Select Enable to add the pattern to the dictionary profile.
To edit a predefined pattern, do the same as for a user-defined pattern in Step 5.
Click OK.
5. To add or edit a user-defined pattern:
Click New under Dictionary Entries to add an entry or double click an entry to modify it.
A dialog appears.
6. Configure a custom entry.
 
GUI item
Description
Enable
Select to enable a pattern.
Pattern
Type a word or phrase that you want the dictionary to match, expressed either verbatim, with wild cards, or as a regular expression.
Regular expressions do not require slash ( ) boundaries. For example, enter:
v[i1]agr?a
Matches are case insensitive and can occur over multiple lines as if the word were on a single line. (That is, Perl-style match modifier options i and s are in effect.)
The FortiMail unit will convert the encoding and character set into UTF‑8, the same encoding in which dictionary patterns are stored, before evaluating an email for a match with the pattern. Because of this, your pattern must match the UTF‑8 string, not the originally encoded string. For example, if the original encoded string is:
=?iso-8859-1?B?U2UgdHJhdGEgZGVsIHNwYW0uCg==?=
the pattern must match:
Se trata del spam.
Entering the pattern *iso-8859-1* would not match.
This option is not editable for predefined patterns.
Pattern type
For a new dictionary entry, select either:
Wildcard: Pattern is verbatim or uses only simple wild cards (? or *).
Regex: Pattern is a Perl-style regular expression.
This option is not editable for predefined patterns.
Comments
Enter any descriptions for the pattern.
Pattern weight
Enter a number by which an email’s dictionary match score will be incremented for each word or phrase it contains that matches this pattern.
The dictionary match score may be used by content monitor profiles and antispam profiles to determine whether or not to apply the content action. For more information about antispam profiles, see “Configuring dictionary options”. For more information about content monitor profiles, see “Configuring content monitor and filtering”.
Pattern max weight
Enter the maximum by which matches of this pattern can contribute to an email’s dictionary match score.
This option applies only if Enable pattern max weight limit is enabled.
Enable pattern max weight limit
Enable if the pattern must not increase an email’s dictionary match score more than the amount configured in Pattern max weight.
Search header
Enable to match occurrences of the pattern when it is located in an email’s message headers, including the subject line.
The FortiMail unit uses the full header string, including the header name and value, to match the pattern. Therefore, when you define the pattern, you can specify both the header name and value. For example, such a pattern entry as from: .*@example.com.* will block all email messages with the From header as xxx@example.com.
Search body
Enable to match occurrences of the pattern when it is located in an email’s message body.
To apply a dictionary, in an antispam profile or content profile, either select it individually or select a dictionary group that contains it. For more information, see “Configuring dictionary groups”, “Managing antispam profiles”, and “Configuring content profiles”.