DescriptionThis article contains the minimum required steps to enable FortiGuard AntiSpam for a FortiGate traffic policy. For this procedure a valid FortiGuard AntiSpam service contract is required.
ScopeFortiOS 4.0 AntiSpam.
SolutionPrerequisite
This procedure assumes that the FortiGate unit being used first has a valid FortiGuard license. This also assumes that the FortiGuard Spam filtering has been enabled globally.
To enable the FortiGuard Spam filtering
1. Go to System > Maintenance.
2. Select the blue arrow for Web Filtering and AntiSpam Options to expand the options.
3. Select Enable Spam.
Web-based manager configuration
To configure antispam filtering
1. Go to Firewall > Protection Profile.
2. Select Edit for the protection profile for the policy in use.
3. Select the blue arrow for Spam Filtering to view the options.
4. Enable FortiGuard AntiSpam filtering options.
HELO DNS lookup finds spam, however it will also find poorly setup servers so will require users to maintain an IP black/white list.
Return DNS lookup makes sure the sender domain resolves to any IP address.
Only SMTP has a discard action. POP/IMAP only have options to TAG due to the design of the protocols.
When first enabling Spam filtering for SMTP use the TAG action instead of Discard to evaluate the impact. The TAG option will show when spam mail has been caught, enabling you to verify the accuracy of the spam filtering.
5. Enable Logging options in the Logging section if you want to keep Spam.
6. Apply this protection profile the the required firewall policy.