Fortiguard-Antispam Service; Fortiguard-Antispam Service Spam Filtering - Fortinet FortiGate FortiGate-1000A Administration Manual
Fortinet fortigate fortigate-1000a: user guide
Hide thumbs
Also See for FortiGate FortiGate-1000A:
- Install manual (58 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
FortiGuard-Antispam Service
FortiGuard-Antispam Service
FortiGuard-Antispam Service Spam filtering
346
Each filter passes the email to the next if no matches or problems are found. If the
action in the filter is Mark as Spam, the FortiGate unit tags or discards (SMTP only)
the email according to the settings in the protection profile. If the action in the filter is
Mark as Clear, the email is exempt from any remaining filters. If the action in the filter
is Mark as Reject, the email session is dropped. Rejected SMTP email messages are
substituted with a configurable replacement message. See
on page
117.
You can filter Spam with an IP address black list and a URL black list using the
Fortinet FortiGuard-Antispam Service product.
This section describes:
•
FortiGuard-Antispam Service Spam filtering
•
FortiGuard-Antispam Service options
•
Configuring the FortiGuard-Antispam Service
•
FortiGuard-Antispam Service CLI configuration
FortiGuard-Antispam Service is an antispam system from Fortinet that includes an IP
address black list, a URL black list, and spam filtering tools. The IP address black list
contains IP addresses of email servers known to be used to generate Spam. The URL
black list contains URLs of website found in Spam email.
FortiGuard-Antispam Service compiles the IP address list and URL list from email
captured by spam probes located around the world. Spam probes are email
addresses purposely configured to attract spam and identify known spam sources to
create the antispam IP address and URL address lists. FortiGuard-Antispam Service
combines IP address checks and URL checks with other spam filter techniques in a
two-pass process.
On the first pass, if IP address FortiGuard-Antispam Service check is selected in the
protection profile, FortiGuard-Antispam Service extracts the SMTP mail server source
address and sends the IP address to a FortiGuard-Antispam Service server to see if
this IP address matches the list of known spammers. If URL FortiGuard-Antispam
Service check is selected in the protection profile, FortiGuard-Antispam Service
checks the body of email messages to extract any URL links. These URL links will be
sent to a FortiGuard-Antispam Service server to see if any of them is listed. Typically
Spam messages contain URL links to advertisements (also called spamvertizing).
If an IP address or URL match is found, FortiGuard-Antispam Service terminates the
session. If FortiGuard-Antispam Service does not find a match, the mail server sends
the email to the recipient.
As each email is received, FortiGuard-Antispam Service performs the second
antispam pass by checking the header, subject, and body of the email for common
spam content. If FortiGuard-Antispam Service finds spam content, the email is tagged
or dropped according to the configuration in the firewall protection profile.
01-28011-0254-20051115
Spam filter
"Replacement messages"
Fortinet Inc.
Advertisement
Table of Contents
