FortiGate
Article Id 196563


Description: This article gives an overview of the antispam filtering checks and the order in which they are applied.
Components: All FortiGates running FortiOS 4.00 MR3 and 5.0.x.
Steps or Commands

The FortiGate queries the FortiGuard Antispam Service to determine whether the IP address of the client delivering the email is blacklisted. A match causes the FortiGate to treat the delivered messages as spam.

The default setting of the hdrip CLI option is disable. If it is enabled, the FortiGate checks all the IP addresses in the header of an SMTP email against the FortiGuard Antispam Service.

The following CLI command enables the SMTP header IP check:

 

# config firewall profile
    edit "profile-name"
    # config smtp
        set hdrip enable
    end
end

 

Order of SMTP and SMTPS spam filtering:

The FortiGate scans SMTP and SMTPS email for spam in the order given below. SMTPS spam filtering is available on FortiGates that support SSL content scanning and inspection.

1) IP address black/white list (BWL) check on last hop IP.
2) DNSBL & ORDBL check on last hop IP, FortiGuard Antispam IP check on last hop IP, HELO DNS lookup.
3) MIME headers check, E-mail address BWL check.
4) Banned word check on email subject.
5) IP address BWL check (for IPs extracted from 'Received' headers).
6) Banned word check on email body.
7) Return email DNS check, FortiGuard Antispam email checksum check, FortiGuard Antispam URL check, DNSBL & ORDBL check on public IP extracted from header.
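To see which addresses the header IP check (hdrip) and steps 5 and 7 above have to work from, the following added example (not Fortinet code, and not how FortiOS itself parses mail) pulls the IPv4 addresses out of a message's Received headers and separates the public ones. The sample message, the function names and the list of non-public ranges are assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message. Addresses come from documentation ranges
# (RFC 5737) plus one RFC 1918 address; hostnames are placeholders.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby gw.example.org with ESMTP; Mon, 1 Jan 2024 10:00:02 +0000
Received: from relay.example.com ([203.0.113.25])
\tby mx.example.net with ESMTP; Mon, 1 Jan 2024 10:00:01 +0000
Received: from workstation (unknown [192.168.1.50])
\tby relay.example.com with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000
From: sender@example.com
To: user@example.org
Subject: constructed test message

body
"""

# Ranges treated as non-public here (assumption: RFC 1918, loopback and
# link-local only, so the documentation addresses above count as public).
NON_PUBLIC = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
               "127.0.0.0/8", "169.254.0.0/16")]
IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def received_ips(raw):
    """IPv4 addresses found in Received headers, newest header first."""
    found = []
    for hdr in message_from_string(raw).get_all("Received", []):
        for text in IPV4.findall(hdr):
            try:
                ip = ipaddress.ip_address(text)
            except ValueError:
                continue  # looked like an address but is not one (e.g. 999.1.1.1)
            if ip not in found:
                found.append(ip)
    return found

def is_public(ip):
    return not any(ip in net for net in NON_PUBLIC)

def header_check_candidates(raw):
    """Public header addresses, i.e. the ones a reputation lookup can act on."""
    return [str(ip) for ip in received_ips(raw) if is_public(ip)]

if __name__ == "__main__":
    print("all header IPs:", [str(ip) for ip in received_ips(SAMPLE)])
    print("public only   :", header_check_candidates(SAMPLE))
```

Received lines below the ones added by your own relays are supplied by the sending side and can be forged, so treat addresses found there as claims rather than facts.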

 

Order of IMAP, POP3, IMAPS and POP3S spam filtering:

The FortiGate scans IMAP, POP3, IMAPS and POP3S email for spam in the order given below. IMAPS and POP3S spam filtering is available on FortiGates that support SSL content scanning and inspection.

1) MIME headers check, E-mail address BWL check.
2) Banned word check on email subject.
3) IP BWL check.
4) Banned word check on email body.
5) Return email DNS check, FortiGuard Antispam email checksum check, FortiGuard Antispam URL check, DNSBL & ORDBL check.