Spam filter
Order of spam filter operations
FortiGate-1000A/FA2 Administration Guide
This chapter describes:
•
Order of spam filter operations
•
FortiGuard-Antispam Service
•
IP address
•
DNSBL & ORDBL
•
Email address
•
MIME headers
•
Banned word
•
Using Perl regular expressions
The order in which incoming mail is passed through the spam filters is determined by
the protocol used to transfer the mail:
For SMTP
1
IP address BWL check - Last hop IP
2
RBL & ORDBL check, IP address FortiShield check, HELO DNS lookup
3
E-mail address BWL check
4
MIME headers check
5
IP address BWL check (for IPs extracted from "Received" headers)
6
Return e-mail DNS check, FortiGuard Anti Spam check (for IPs extracted from
"Received" headers, and URLs in email content)
7
Banned word check
For POP3 and IMAP
1
E-mail address BWL check
2
MIME headers check, IP BWL check
3
Return e-mail DNS check, FortiGuard AntiSpam check, RBL & ORDBL check
4
Banned word check
For SMTP, POP3, and IMAP
Filters requiring a query to a server and a reply (FortiGuard-Antispam Service and
DNSBL/ORDBL) are run simultaneously. To avoid delays, queries are sent while other
filters are running. The first reply to trigger a spam action will take effect as soon as
the reply is received
01-28011-0254-20051115
Order of spam filter operations
345