spamfilter bwl
Use this command to filter email based on the sender’s email address or address pattern. The FortiGate email filters are applied in the following order:
For SMTP
- IP address BWL check - Last hop IP
- DNSBL & ORDBL check, IP address FortiGuard check, HELO DNS lookup
- E-mail address BWL check
- MIME headers check
- IP address BWL check (for IPs extracted from “Received” headers)
- Return e-mail DNS check, FortiGuard Antispam check (for IPs extracted from “Received” headers, and URLs in email content)
- Banned word check
For POP3 and IMAP
- E-mail address BWL check
- MIME headers check, IP BWL check
- Return e-mail DNS check, FortiGuard Antispam check, DNSBL & ORDBL check
- Banned word check
For SMTP, POP3, and IMAP using the email address
The FortiGate unit compares the email address or domain of the sender to the list in sequence. If a match is found, the corresponding action is taken. If no match is found, the email is passed on to the next email filter.
The FortiGate unit can filter email from specific senders or all email from a domain (such as example.net). Each email address can be marked as clear or spam.
Use Perl regular expressions or wildcards to add email address patterns to the list.
Use this command to filter email based on the IP or subnet address.
For SMTP, POP3, and IMAP using the IP address
The FortiGate unit compares the IP address of the sender to the list in sequence. If a match is found, the corresponding action is taken. If no match is found, the email is passed on to the next email filter.
Enter an IP address and mask in one of two formats:
x.x.x.x/x.x.x.x, for example192.168.10.23/255.255.255.0x.x.x.x/x, for example192.168.10.23/24
Configure the FortiGate unit to filter email from specific IP addresses. Mark each IP address as clear, spam, or reject. Filter single IP addresses, or a range of addresses at the network level by configuring an address and mask.
config spamfilter bwl
edit {id}
# Configure anti-spam black/white list.
set id {integer} ID. range[0-4294967295]
set name {string} Name of table. size[35]
set comment {string} Optional comments. size[255]
config entries
edit {id}
# Anti-spam black/white list entries.
set status {enable | disable} Enable/disable status.
set id {integer} Entry ID. range[0-4294967295]
set type {ip | email} Entry type.
ip By IP address.
email By email address.
set action {reject | spam | clear} Reject, mark as spam or good email.
reject Reject the connection.
spam Mark as spam email.
clear Mark as good email.
set addr-type {ipv4 | ipv6} IP address type.
ipv4 IPv4 Address type.
ipv6 IPv6 Address type.
set ip4-subnet {ipv4 classnet} IPv4 network address/subnet mask bits.
set ip6-subnet {ipv6 network} IPv6 network address/subnet mask bits.
set pattern-type {wildcard | regexp} Wildcard pattern or regular expression.
wildcard Wildcard pattern.
regexp Perl regular expression.
set email-pattern {string} Email address pattern. size[127]
next
next
end
Additional information
The following section is for those options that require additional explanation.
action
The options for this setting will depend on what the setting type is set to.
| Type | Available options |
|---|---|
|
|
| ip |
|
clear- exempt the email from the rest of the spam filtersreject- to drop any current or incoming sessions.spam- apply the spam action configured in the profile
addr-type
Select whether IPv4 or IPv6 addresses will be used.
Available if type is ip.
email-pattern
Enter the email address pattern using wildcards or Perl regular expressions.
Available if type is email.
ip4-subnet
The trusted IPv4 IP address and subnet mask in the format x.x.x.x x.x.x.x or x.x.x.x/x.
Available if type is ip.
ip6-subnet
The trusted IPv6 IP address.
This is available when type is ip and addr-type is ipv6.
pattern-type
Enter the pattern-type for the email address. Choose from wildcards or Perl regular expressions.
Available if type is email.