Fortinet white logo
Fortinet white logo

Administration Guide

Configuring the FortiGuard URL filter

Configuring the FortiGuard URL filter

FortiGuard URL filter service allows you choose which categories of URL in the email body you want to check, rewrite, or block. Then you can use the filters in the antispam profiles (see Configuring the FortiGuard URL filter) and the FortiGuard URL Click Protection settings (see Configuring licensed features).

To configure a URL category profile
  1. Go to Security > URL Filter > Category.
  2. Click Create New.
  3. Enter a profile name.
  4. Select the URL categories you want to check in the email body.
  5. Click Create.
Note

With the release of FortiMail 7.0.2, the following new categories are introduced (to match those already supported by FortiOS):

  • Terrorism

  • URL Shortening

  • Crypto Mining

  • Potentially Unwanted Program

URL types

There are two types of URLs:

  • Absolute URLs strictly follow the URL syntax and include the URL scheme names, such as “http”, “https”, and “ftp”. For instance, http://www.example.com.
  • Reference URLs do not contain the scheme names. For instance, example.com.

By default, FortiMail scans for absolute URLs.

You can use the following CLI command to change the default setting:

config antispam settings

set uri-checking {aggressive | strict}

end

  • aggressive: Choose this option to scan for both the absolute and reference URLs.
  • strict: Choose this option to scan for absolute URLs only. Note that web sites without “http” or “https” but starting with “www” are also treated as absolute URLs. For instance, www.example.com.

For more information about this command, see FortiMail CLI Reference.

Configuring the URL exempt list

If you want to exempt URLs from FortiGuard URL and web filter (see Configuring FortiGuard options), FortiGuard URL protection (see Configuring licensed features), FortiSandbox scanning (see Using FortiSandbox antivirus inspection), you can add the URLs to the exempt list.

To configure the URL exempt list
  1. Go to Security > URL Filter > Exempt.
  2. Click New.
  3. Enter an exempt pattern. The pattern can use wildcards (default) or regular expressions. For more information about URL types and how they are processed, see Configuring antispam profiles and antispam action profiles.
  4. Click Create.

Configuring the FortiGuard URL filter

Configuring the FortiGuard URL filter

FortiGuard URL filter service allows you choose which categories of URL in the email body you want to check, rewrite, or block. Then you can use the filters in the antispam profiles (see Configuring the FortiGuard URL filter) and the FortiGuard URL Click Protection settings (see Configuring licensed features).

To configure a URL category profile
  1. Go to Security > URL Filter > Category.
  2. Click Create New.
  3. Enter a profile name.
  4. Select the URL categories you want to check in the email body.
  5. Click Create.
Note

With the release of FortiMail 7.0.2, the following new categories are introduced (to match those already supported by FortiOS):

  • Terrorism

  • URL Shortening

  • Crypto Mining

  • Potentially Unwanted Program

URL types

There are two types of URLs:

  • Absolute URLs strictly follow the URL syntax and include the URL scheme names, such as “http”, “https”, and “ftp”. For instance, http://www.example.com.
  • Reference URLs do not contain the scheme names. For instance, example.com.

By default, FortiMail scans for absolute URLs.

You can use the following CLI command to change the default setting:

config antispam settings

set uri-checking {aggressive | strict}

end

  • aggressive: Choose this option to scan for both the absolute and reference URLs.
  • strict: Choose this option to scan for absolute URLs only. Note that web sites without “http” or “https” but starting with “www” are also treated as absolute URLs. For instance, www.example.com.

For more information about this command, see FortiMail CLI Reference.

Configuring the URL exempt list

If you want to exempt URLs from FortiGuard URL and web filter (see Configuring FortiGuard options), FortiGuard URL protection (see Configuring licensed features), FortiSandbox scanning (see Using FortiSandbox antivirus inspection), you can add the URLs to the exempt list.

To configure the URL exempt list
  1. Go to Security > URL Filter > Exempt.
  2. Click New.
  3. Enter an exempt pattern. The pattern can use wildcards (default) or regular expressions. For more information about URL types and how they are processed, see Configuring antispam profiles and antispam action profiles.
  4. Click Create.