
Fortigate Tutorial – Spam Filtering


 

Fortiguard uses the industry-standard definition of spam: Unsolicited Bulk Email.

Here are the Spam Filtering Methods implemented by Fortinet to its appliances:

1. IP Address Check

2. URL Check

3. Email Checksum Check

4. Spam Submission

5. Block/White List

6. HELO DNS Lookup

7. Return E-mail DNS check

8. Banned Words

9. MIME check

10. DNS Blackhole List (DNSBL) and Open Relay Database List (ORDBL)

 

II. Fortiguard AntiSpam

Global Filters

1. FortiIP Sender IP Reputation Database (based on the reputation of the IP)

2. FortiSig 1 – contains “spamvertised URLs” – matches URLs in the email

3. FortiSig 2 – contains “spamvertised email address”

4. FortiSig 3 – checks for spam object checksums

5. FortiRule – the global filter uses dynamically updated heuristic rules to identify spam using: header, body, mime header and attachment

6. Customized Filters: IP address, banned word etc.

 

III. Spam actions:

You have the possibility to tag SPAM with the following Actions:

a. Tag for: IMAP, POP3, SMTP -> this feature tags the spam with [SPAM] at the beginning of the Email Subject

b. Drop: SMTP -> you can drop emails only using SMTP of course

 

IV. Banned Word List

You can add words and assign a score to each word. If the total score (the more banned words in the email, the higher the score) goes over a specific threshold, the email is processed according to the profile you defined.
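The scoring described above, as an added example that is not Fortinet's code and not part of the original post. The word list, scores, threshold and sample messages are constructed, and counting each entry once per message is an assumption of this model.

```python
import re
from email import message_from_string

# Constructed banned-word list: (pattern, pattern type, where to look, score).
BANNED_WORDS = [
    ("viagra", "wildcard", "all", 10),
    ("free*money", "wildcard", "subject", 5),
    (r"\bwin(ner|ning)\b", "regex", "body", 5),
]
THRESHOLD = 10  # assumed threshold from the profile

# Constructed sample messages.
SPAM = "Subject: FREE easy MONEY\n\nYou are a winner! Viagra, viagra, viagra.\n"
HAM = "Subject: Meeting notes\n\nThe winning bid was accepted.\n"


def compile_entry(pattern, ptype):
    if ptype == "wildcard":  # this sketch supports only '*' as the wildcard
        pattern = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.compile(pattern, re.IGNORECASE)


def score_message(raw, words=BANNED_WORDS, threshold=THRESHOLD):
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    # Text parts only; transfer encodings (base64 etc.) are not decoded here.
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_maintype() == "text")
    zones = {"subject": subject, "body": body, "all": subject + "\n" + body}
    total, hits = 0, []
    for pattern, ptype, where, score in words:
        # Assumption: an entry adds its score once, however often it matches.
        if compile_entry(pattern, ptype).search(zones[where]):
            total += score
            hits.append(pattern)
    return total, hits, total > threshold  # spam only when the total goes over


if __name__ == "__main__":
    for name, raw in (("spam", SPAM), ("ham", HAM)):
        print(name, score_message(raw))
```

A message that only repeats one 10-point word stays at 10 and is not flagged, which is why scores and threshold have to be tuned together.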

 

V. IP Address Filter

You can add a profile and a list of IP addresses.

IP Trust – if a Fortigate is behind a Mail Transfer Unit (MTU), it may be unnecessary to check the email IP addresses because they are internal and of course are trusted. To enable this option you can use the “iptrust” command from the CLI.

 

VI. MIME Header Checks

Fortigate compares the MIME header key-value pairs of the incoming email against the pairs in the list, in sequence.

A MIME Header Check can only be configured using the “config spamfilter mheader” command from the CLI.

 

The DNSBL (DNS Blackhole List) and ORDBL (Open Relay Database List) can only be configured from the CLI and only for SMTP with the following command:

config spamfilter dnsbl
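How a DNSBL lookup works in general (the RFC 5782 convention), as an added example that is not Fortinet's code and not part of the original post. The zone name, the in-memory resolver and its records are constructed so the block runs offline.

```python
import ipaddress

ZONE = "dnsbl.example.org"  # placeholder zone, not a real list

# Constructed stand-in for DNS: query name -> A records. A missing name models NXDOMAIN.
FAKE_DNS = {
    "2.0.0.127.dnsbl.example.org": ["127.0.0.2"],       # conventional test entry
    "7.113.0.203.dnsbl.example.org": ["127.0.0.4"],     # 203.0.113.7 is listed
    "9.100.51.198.dnsbl.example.org": ["192.0.2.50"],   # bogus answer (wildcarded or hijacked zone)
}


def fake_resolver(name):
    return FAKE_DNS.get(name, [])


def dnsbl_query_name(ip, zone=ZONE):
    # reverse_pointer yields "7.113.0.203.in-addr.arpa" for IPv4 and the
    # nibble form ending in ".ip6.arpa" for IPv6; drop that two-label suffix.
    reversed_labels = ipaddress.ip_address(ip).reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_labels}.{zone}"


def check_sender(ip, resolver=fake_resolver, zone=ZONE):
    answers = resolver(dnsbl_query_name(ip, zone))
    if not answers:
        return "not-listed"  # NXDOMAIN: the sender is not on the list
    loopback = ipaddress.ip_network("127.0.0.0/8")
    if all(ipaddress.ip_address(a) in loopback for a in answers):
        return "listed"
    # An answer outside 127.0.0.0/8 is not a valid listing; treating it as one
    # would block all mail if the zone is wildcarded or the resolver rewrites NXDOMAIN.
    return "error"


if __name__ == "__main__":
    for ip in ("127.0.0.2", "203.0.113.7", "192.0.2.1", "198.51.100.9"):
        print(ip, dnsbl_query_name(ip), check_sender(ip))
```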

 

The Fortimail and Fortigate can support the following:

1. Wildlist Virus Protection -> This can be supported by both applications

2. Legacy Virus Protection -> This can only be supported by the Fortimail

3. Advanced Spam Filter -> This can be supported by both, but it is very limited in the Fortigate

4. Email Quarantine -> This can only be supported by the Fortimail or a Fortigate with FortiAnalyzer

5. Email Archiving -> Supported by both

6. Email routing -> Supported only by the Fortimail

 

 


23 Responses to “Fortigate Tutorial – Spam Filtering”

  1. Daniel says:

    5. Block/White List – should be black/white 🙂
