Fortinet Document Library

Version:


Table of Contents

Cookbook

6.2.0
Download PDF
Copy Link

Email filter

Email filters can be configured to perform spam detection and filtering. You can customize the default profile, or create your own and apply it to a firewall policy.

Note

Two kinds of filtering can be defined in a single profile, and they will act independent of one another.

Filter options can be organized according to the source of the decision:

  • Local options: the FortiGate qualifies the email based on local conditions, such as black or white lists (BWLs), banned words, or DNS checks using FortiGuard Antispam.
  • FortiGuard-based options: the FortiGate qualifies the email based on the score or verdict returned from FortiGuard Antispam.
  • Third-party options: the FortiGate qualifies the email based on information from a third-party source (like an ORB list).

Local and FortiGuard BWLs can be enabled and combined in a single profile. When combined, the local BWL has a higher priority than the FortiGuard black list during a decision making process. For example, if a client IP address is blacklisted in the FortiGuard server, but you want to override this decision and allow the IP to pass through the filter, you can define the IP address or subnet in a local BWL with the clear action. Because the information coming from the local list has a higher priority than the FortiGuard service, the email will be considered clean.

Note

Some features of this functionality require a subscription to FortiGuard Antispam.

The following topics provide information about email filter profiles:

Email filter

Email filters can be configured to perform spam detection and filtering. You can customize the default profile, or create your own and apply it to a firewall policy.

Note

Two kinds of filtering can be defined in a single profile, and they will act independent of one another.

Filter options can be organized according to the source of the decision:

  • Local options: the FortiGate qualifies the email based on local conditions, such as black or white lists (BWLs), banned words, or DNS checks using FortiGuard Antispam.
  • FortiGuard-based options: the FortiGate qualifies the email based on the score or verdict returned from FortiGuard Antispam.
  • Third-party options: the FortiGate qualifies the email based on information from a third-party source (like an ORB list).

Local and FortiGuard BWLs can be enabled and combined in a single profile. When combined, the local BWL has a higher priority than the FortiGuard black list during a decision making process. For example, if a client IP address is blacklisted in the FortiGuard server, but you want to override this decision and allow the IP to pass through the filter, you can define the IP address or subnet in a local BWL with the clear action. Because the information coming from the local list has a higher priority than the FortiGuard service, the email will be considered clean.

Note

Some features of this functionality require a subscription to FortiGuard Antispam.

The following topics provide information about email filter profiles: