Antispam Options - Fortinet FortiGate Series Install Manual

AntiSpam options

AntiSpam options
32
• Grayware - These are unsolicited commercial software programs that are installed on
computers, often without the user's consent or knowledge. Grayware programs are
generally considered an annoyance, but these programs can cause system
performance problems or be used for malicious ends. The Fortinet unit scans for
known grayware executable programs in each enabled category.
• Heuristics - The Fortinet heuristic antivirus engine performs tests on the file to detect
virus-like behavior or known virus indicators. In this way, heuristic scanning may detect
new viruses, but may also produce some false positive results.
The antivirus elements work in sequence to give you an efficient method of scanning
incoming files. The first three elements have specific functions, the fourth, the heuristics, is
to cover any new previously unknown virus threats. The four elements work together to
offer your network unparalleled antivirus protection. To ensure that your system is
providing the most protection available, all virus definitions and signatures are up dated
regularly through the FortiGuard antivirus services.
To configure the file patterns that the Fortinet scans, go to UTM > AntiVirus > File Filter.
To enable grayware blocking, go to UTM > AntiVirus > Grayware.
Antivirus settings are turned on in the protection profile. In the protection profile you can
enable antivirus options for specific services and which services will use the file patterns
as a part of the antivirus process.
To configure antivirus protection profile settings, go to Firewall > Protection Profile. Select
edit for a profile and select the Anti-Virus options.
For details on the antivirus features and settings, see the
or the Fortinet Online Help.
The Fortinet unit's antispam feature detects unsolicited commercial email by identifying
spam email messages and spam transmissions from known or suspected spam servers.
This feature requires a FortiGuard subscription and a registered Fortinet unit. When the
Fortinet unit receives an email message, it verifies with the FortiGuard server whether it is
a valid email or a spam message. FortiGuard Antispam is one of the features designed to
manage spam. FortiGuard is an antispam system from Fortinet that includes an IP
address black list, a URL black list, and spam filtering tools. The FortiGuard Center
accepts submission of spam email messages as well as well as reports of false positives.
Depending on how you configure the Fortinet unit, it will either tag the message with text
so you can easily identify the spam, or delete the message before it reaches the recipient.
The Fortinet unit also enables you to create your own spam filters using banned words
and black/white lists.
Banned word lists are specific words that may be typically found in email. The Fortinet unit
searches for words or patterns in email messages. If matches are found, values assigned
to the words are totalled. If the defined threshold value is exceeded, the message is
marked as spam. If no match is found, the email message is passed along to the next
filter.
You configure banned words by going to UTM > Antispam > Banned Word.
While FortiGuard services maintain a large list of known spammers, it is not perfect. In
some cases, some mail tagged as spam is an individual you want to receive mail from,
while email that is not caught by the spam filters or users you don't want to receive email
from gets through to your inbox.
Advanced configuration
FortiGate Administration Guide
FortiGate Version 4.0 Desktop Install Guide
01-400-95522-20090501
http://docs.fortinet.com/ • Feedback