FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable
Article Id 193320
Article
Description Spam is not detected by Banned Word Spam Filter
Components
  • All FortiGate units running FortiOS 2.8.
  • Outlook, Outlook Express, or any other email clients capable of rendering HTML content
Steps or Commands

If spam email does not seem to be blocked or tagged by the Banned Word check, verify the raw content of the received email to see whether it presents the banned word using HTML.

There are various ways to display text using HTML, which can result in bypassing the Banned Word filter. The screen capture below is an example of a spam email message shown within Outlook Express:
 
ddouglas_11674_11674-diagram.JPG

Looking at the details of the email, you can see the banned words "viagra", "valium" and "cialis", are actually split in half, and presented on the same line using HTML codes.

<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV style = "
  FLOAT
: left ; "><H2>Via<BR>Val<BR>
Cia<BR></H2></DIV>
<DIV style = "  FLOAT
:
 left
 ; "><H2>gra<BR>ium <BR>lis<BR>
</H2></DIV>
<DIV style = "
 FLOAT
: left ;
"><H2>only<BR>only<BR>only <BR></H2></DIV>
...

The FortiGate unit cannot detect the banned words when presented this way.

Consider using an alternate SPAM detection method, such as FortiGuard AntiSpam.