
CLI Reference

system fortiguard url-protection


Use this command to configure content disarm and reconstruction (CDR) URL click protection options.

Syntax

config system fortiguard url-protection

set click-action {allow-with-confirmation | block}

set click-category {all | default | phishing | unrated}

set isolator-category {all | default | phishing | unrated}

set isolator-url-base <FortiIsolator_url>

set malformed-html-tag-content-action {remove | rewrite}

set neutralize-category {all | default | phishing | unrated}

set neutralize-img-src-status {enable | disable}

set remove-category {all | default | phishing | unrated}

set rewrite-category {all | default | phishing | unrated}

set rewrite-url-base <FortiMail_url>

set sandbox-click-action {allow-with-confirmation | block | submit-only}

set sandbox-status {enable | disable}

set sandbox-timeout <timeout_int>

set sandbox-timeout-action {allow | allow-with-confirmation | block}

end

Variable / Description / Default

click-action {allow-with-confirmation | block}

Select how the link will behave when click handling applies, and a user clicks a link.

Default: block

click-category {all | default | phishing | unrated}

Select which URL rating category a URL must match in order to receive click handling.

For all other URL categories not selected, you can use sandbox-status {enable | disable} to send them to FortiSandbox for more scanning.

Default: default

isolator-category {all | default | phishing | unrated}

Select which URL rating category a URL must match in order to be reached through FortiIsolator.

Default: unrated

isolator-url-base <FortiIsolator_url>

Enter the prefix https:// and then the FQDN or IP address of FortiIsolator.

Note: The https:// protocol prefix is required.

malformed-html-tag-content-action {remove | rewrite}

Select whether to remove or rewrite the HTML tag content if it is malformed.

Default: remove

neutralize-category {all | default | phishing | unrated}

Select which URL rating category a URL must match in order to be neutralized.

Default: unrated

neutralize-img-src-status {enable | disable}

Enable to neutralize URLs of images that are stored on remote web servers.

Newsletters often do not embed images in email in order to keep the email file size small so that email can be sent to many people quickly. Instead, the image files are stored on a web server or CDN. Email clients download and display the image later, when each person reads their email. Normal newsletters often include a plain text version or a link to a web page to fall back if the images cannot be displayed in the email.

Spammers and malware, however, can abuse remotely stored images to detect valid recipient addresses even when SMTP recipient verification is disabled, and to bypass email antispam and antivirus scans by transmitting the content over HTTPS instead of SMTP.

Note: When you update FortiMail firmware from a previous version, default values are applied to any new settings. If this setting is new, the default results in a change in behavior. If you prefer the previous behavior, then enter:

set neutralize-img-src-status enable

Default: disable

remove-category {all | default | phishing | unrated}

Select which URL rating category a URL must match in order to be removed.

Default: default

rewrite-category {all | default | phishing | unrated}

Select which URL rating category a URL must match in order to be rewritten.

Default: unrated

rewrite-url-base <FortiMail_url>

Enter the prefix https:// and then the FQDN or IP address of FortiMail. When users click a hyperlink, they will be directed to the rewritten URL on FortiMail first.

Note: The https:// protocol prefix is required.

Tip: The URL is rewritten in the format:

https://example.com/fmlurlsvc/?fewReq/baseValue&url=originalUrlEscaped

where originalUrlEscaped is the original URL in URL-encoded format. If you want to convert it back to see the original URL, you can use a text editor or online service such as:

https://www.urldecoder.org
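The conversion described in the tip above can also be done offline, so the link never has to be pasted into a third-party service. The following is an added example, not Fortinet code: the host mail.example.com, the function name and the sample link are constructed, and handling a link that was rewritten more than once is an assumption that goes beyond the single case in the tip.

```python
from urllib.parse import urlsplit, unquote

REWRITE_PATH = "/fmlurlsvc/"  # path component in the format shown above

# Constructed sample: mail.example.com stands in for the rewrite-url-base host.
SAMPLE = ("https://mail.example.com/fmlurlsvc/?fewReq/baseValue&url="
          "https%3A%2F%2Flogin.example.net%2Freset%3Fuser%3Da%2540b.com%26step%3D2")


def original_url(link, rewrite_base, max_depth=5):
    """Return the original URL carried inside a rewritten link.

    rewrite_base is the value configured as rewrite-url-base. A link on any
    other host is returned unchanged: a look-alike host that copies the path
    is not the appliance and is not unwrapped as if it were.
    """
    base = urlsplit(rewrite_base)
    if base.scheme != "https" or not base.hostname:
        raise ValueError("rewrite-url-base must start with https://")
    for _ in range(max_depth):  # assumption: a link may have been rewritten twice
        parts = urlsplit(link)
        if ((parts.scheme, parts.hostname, parts.port)
                != ("https", base.hostname, base.port)
                or parts.path != REWRITE_PATH):
            return link  # not (or no longer) a rewritten link
        # Split by hand instead of parse_qs: the first token has no "=",
        # and a literal "+" in the original URL must not become a space.
        for token in parts.query.split("&"):
            name, sep, value = token.partition("=")
            if name == "url" and sep:
                link = unquote(value)  # decode exactly once: %2540 stays %40
                break
        else:
            raise ValueError("rewritten link has no url= parameter")
    raise ValueError("too many nested rewrites")


if __name__ == "__main__":
    print(original_url(SAMPLE, "https://mail.example.com"))
```

Decoding exactly once matters: the sample's inner URL contains an escaped "@" (%40) in its own query string, and a second decoding pass would change the URL that the sender actually wrote.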

sandbox-click-action {allow-with-confirmation | block | submit-only}

Select how the link will behave when a user clicks a link during a FortiSandbox scan:

  • allow-with-confirmation: Allow access with a warning.

  • block: Block access.

  • submit-only: Allow access while sending the URLs for scanning.

Default: allow-with-confirmation

sandbox-status {enable | disable}

For all other URL categories not selected in click-category {all | default | phishing | unrated}, enable this setting if you want to send them to FortiSandbox for scanning.

Default: disable

sandbox-timeout <timeout_int>

When the URLs are sent to FortiSandbox for scanning, it can take some time to get the results. Enter how long (in seconds) to wait for FortiSandbox scan results. If FortiMail does not get a reply in this time, then click handling instead uses the action specified in sandbox-timeout-action {allow | allow-with-confirmation | block}.

Default: 5

sandbox-timeout-action {allow | allow-with-confirmation | block}

Select how the link will behave when a user clicks a link after a FortiSandbox scan timeout (sandbox-timeout <timeout_int>).

Default: allow
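Several of the defaults listed above let a click through before any verdict exists. The following added example, which is not Fortinet code, reads a configuration block in the syntax shown on this page and reports those settings. The sample block is constructed, and treating these values as findings is a review policy assumed here, not a Fortinet recommendation.

```python
# Constructed sample in the syntax shown on this page (values are illustrative).
SAMPLE = """\
config system fortiguard url-protection
    set click-action allow-with-confirmation
    set rewrite-url-base http://mail.example.com
    set sandbox-status enable
    set sandbox-timeout-action allow
end
"""

# Defaults as listed in the table on this page; unset options fall back to them.
DEFAULTS = {
    "sandbox-status": "disable",
    "sandbox-click-action": "allow-with-confirmation",
    "sandbox-timeout-action": "allow",
    "neutralize-img-src-status": "disable",
}


def parse(block):
    """Collect 'set' lines found inside the url-protection config block."""
    settings, inside = dict(DEFAULTS), False
    for line in block.splitlines():
        words = line.split()
        if words[:1] == ["config"]:
            inside = words[1:] == ["system", "fortiguard", "url-protection"]
        elif words[:1] == ["end"]:
            inside = False
        elif inside and len(words) >= 3 and words[0] == "set":
            settings[words[1]] = " ".join(words[2:]).strip('"')
    return settings


def audit(block):
    """Return findings under the assumed policy (fail closed, https only)."""
    s, findings = parse(block), []
    for key in ("rewrite-url-base", "isolator-url-base"):
        if key in s and not s[key].startswith("https://"):
            findings.append(f"{key}: the https:// prefix is required")
    if s["sandbox-status"] == "enable":
        if s["sandbox-timeout-action"] == "allow":
            findings.append("sandbox-timeout-action allow: after the timeout "
                            "the click proceeds without a scan result")
        if s["sandbox-click-action"] == "submit-only":
            findings.append("sandbox-click-action submit-only: access is "
                            "allowed while the scan is still running")
    if s["neutralize-img-src-status"] == "disable":
        findings.append("neutralize-img-src-status disable: remote images "
                        "can be used to detect valid recipient addresses")
    return findings
```

For the constructed sample, `audit(SAMPLE)` reports the http:// base URL, the allow-on-timeout action, and the image neutralization setting left at its default.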

Related topics

file content-disarm-reconstruct

profile content
