Dnsbl & Ordbl - Fortinet FortiGate FortiGate-1000A Administration Manual

Spam filter
DNSBL & ORDBL
FortiGate-1000A/FA2 Administration Guide
2 Select Create New.
Figure 180:Adding an IP address
3 Enter the IP address/mask you want to add.
4 If required, select before or after another IP address in the list to place the new IP
address in the correct position.
5 Select the action to take on email from the IP address.
6 Select OK.
Using DNSBLs (DNS-based Blackhole Lists) and ORDBLs (Open Relay Database
Lists) is an effective way to tag or reject spam as it enters your system. These lists act
as domain name servers that match the domain of incoming email to a list of IP
addresses known to send spam or allow spam to pass through. DNSBLs keep track of
reported spam source addresses and ORDBLs keep track of unsecured third party
SMTP servers, known as open relays, which some spammers use to send unsolicited
bulk email.
There are also several free and subscription servers available that provide reliable
access to continually updated DNSBLs and ORDBLs. Check with the service you are
using to confirm the correct domain name for connecting to the server.
The FortiGate unit communicates with DNSBL servers using UDP through port 53.
The FortiGate unit compares the IP address or domain name of the sender to any
database lists you configure. The FortiGate unit checks all the servers in the list
simultaneously. If a match is found, the corresponding protection profile action is
taken. If no match is found, the email is passed on to the next spam filter.
Note: Because the FortiGate unit uses the server domain name to connect to the DNSBL or
ORDBL server, it must be able to look up this name on the DNS server. For information on
configuring DNS, see
This section describes:
• DNSBL & ORDBL list
• DNSBL & ORDBL options
• Configuring the DNSBL & ORDBL list
"DNS" on page 69.
01-28011-0254-20051115
DNSBL & ORDBL
351