FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 195884
Description
This article contains the minimum required steps to enable FortiGuard AntiSpam for a FortiGate traffic policy. For this procedure a valid FortiGuard AntiSpam service contract is required.
Scope
FortiOS 4.0 AntiSpam.
Solution
Prerequisite
 
This procedure assumes that the FortiGate unit being used first has a valid FortiGuard license. This also assumes that the  FortiGuard Spam filtering has been enabled globally.
 
To enable the FortiGuard Spam filtering

1. Go to System > Maintenance.
2. Select the blue arrow for Web Filtering and AntiSpam Options to expand the options.
3. Select Enable Spam.
 
sotoole_100128_Enable AS Globally.JPG
 
 

Web-based manager configuration

To configure antispam filtering

1. Go to Firewall > Protection Profile.

2. Select Edit for the protection profile for the policy in use.

sotoole_100128_100128-edit_protection_profile.JPG
 

3. Select the blue arrow for Spam Filtering to view the options.

4. Enable FortiGuard AntiSpam filtering options.

sotoole_100128_100128-spam_settings.jpg
 
HELO DNS lookup finds spam, however it will also find poorly setup servers so will require users to maintain an IP black/white list.
 
Return DNS lookup makes sure the sender domain resolves to any IP address.
 
Only SMTP has a discard action. POP/IMAP only have options to TAG due to the design of the protocols.
 
When first enabling Spam filtering for SMTP use the TAG action instead of Discard to evaluate the impact. The TAG option will show when spam mail has been caught, enabling you to verify the accuracy of the spam filtering.

5.  Enable Logging options in the Logging section if you want to keep Spam.
 
sotoole_100128_100128-log_settings.JPG
 
6.  Apply this protection profile the the required firewall policy.
 
sotoole_100128_100128-policy_settings.JPG