spamfilter profile
Use this command to configure UTM email filtering profiles for firewall policies. Email filtering profiles configure how Email filtering and FortiGuard Antispam is applied to sessions accepted by a firewall policy that includes the Email filtering profile.
config spamfilter profile
edit {name}
# Configure AntiSpam profiles.
set name {string} Profile name. size[35]
set comment {string} Comment. size[255]
set flow-based {enable | disable} Enable/disable flow-based spam filtering.
set replacemsg-group {string} Replacement message group. size[35] - datasource(s): system.replacemsg-group.name
set spam-log {disable | enable} Enable/disable spam logging for email filtering.
set spam-log-fortiguard-response {disable | enable} Enable/disable logging FortiGuard spam response.
set spam-filtering {enable | disable} Enable/disable spam filtering.
set external {enable | disable} Enable/disable external Email inspection.
set options {option} Options.
bannedword Content block.
spambwl Black/white list.
spamfsip Email IP address FortiGuard AntiSpam black list check.
spamfssubmit Add FortiGuard AntiSpam spam submission text.
spamfschksum Email checksum FortiGuard AntiSpam check.
spamfsurl Email content URL FortiGuard AntiSpam check.
spamhelodns Email helo/ehlo domain DNS check.
spamraddrdns Email return address DNS check.
spamrbl Email DNSBL & ORBL check.
spamhdrcheck Email mime header check.
spamfsphish Email content phishing URL FortiGuard AntiSpam check.
config imap
set log {enable | disable} Enable/disable logging.
set action {pass | tag} Action for spam email.
pass Allow spam email to pass through.
tag Tag spam email with configured text in subject or header.
set tag-type {subject | header | spaminfo} Tag subject or header for spam email.
subject Prepend text to spam email subject.
header Append a user defined mime header to spam email.
spaminfo Append spam info to spam email header.
set tag-msg {string} Subject text or header added to spam email. size[63]
config pop3
set log {enable | disable} Enable/disable logging.
set action {pass | tag} Action for spam email.
pass Allow spam email to pass through.
tag Tag spam email with configured text in subject or header.
set tag-type {subject | header | spaminfo} Tag subject or header for spam email.
subject Prepend text to spam email subject.
header Append a user defined mime header to spam email.
spaminfo Append spam info to spam email header.
set tag-msg {string} Subject text or header added to spam email. size[63]
config smtp
set log {enable | disable} Enable/disable logging.
set action {pass | tag | discard} Action for spam email.
pass Allow spam email to pass through.
tag Tag spam email with configured text in subject or header.
discard Discard (block) spam email.
set tag-type {subject | header | spaminfo} Tag subject or header for spam email.
subject Prepend text to spam email subject.
header Append a user defined mime header to spam email.
spaminfo Append spam info to spam email header.
set tag-msg {string} Subject text or header added to spam email. size[63]
set hdrip {disable | enable} Enable/disable SMTP email header IP checks for spamfsip, spamrbl and spambwl filters.
set local-override {disable | enable} Enable/disable local filter to override SMTP remote check result.
config mapi
set log {enable | disable} Enable/disable logging.
set action {pass | discard} Action for spam email.
pass Allow spam email to pass through.
discard Discard (block) spam email.
config msn-hotmail
set log {enable | disable} Enable/disable logging.
config yahoo-mail
set log {enable | disable} Enable/disable logging.
config gmail
set log {enable | disable} Enable/disable logging.
set spam-bword-threshold {integer} Spam banned word threshold. range[0-2147483647]
set spam-bword-table {integer} Anti-spam banned word table ID. range[0-4294967295] - datasource(s): spamfilter.bword.id
set spam-bwl-table {integer} Anti-spam black/white list table ID. range[0-4294967295] - datasource(s): spamfilter.bwl.id
set spam-mheader-table {integer} Anti-spam MIME header table ID. range[0-4294967295] - datasource(s): spamfilter.mheader.id
set spam-rbl-table {integer} Anti-spam DNSBL table ID. range[0-4294967295] - datasource(s): spamfilter.dnsbl.id
set spam-iptrust-table {integer} Anti-spam IP trust table ID. range[0-4294967295] - datasource(s): spamfilter.iptrust.id
next
end
Additional information
The following section is for those options that require additional explanation.
options
Select actions, if any, the FortiGate unit will perform with email traffic.
bannedword— block email containing content in the banned word list.spambwl— filter email using a block/allowlistspamfsip— filter email using the FortiGuard Antispam filtering IP address blocklist.spamfssubmit— add a link to the message body allowing users to report messages incorrectly marked as spam. If an email message is not spam, click the link in the message to report the false positive.spamfsurl— filter email using the FortiGuard Antispam filtering URL blocklist.spamhdrcheck— filter email using the MIME header list.spamaddrdns— filter email using a return email DNS check.spamrbl— filter email using configured DNS-based Blackhole List (DNSBL) and Open Relay Database List (ORDBL) servers.
Separate multiple options with a space. To remove an option from the list or add an option to the list, retype the list with the option removed or added.
spam-bword-threshold
If the combined scores of the banned word patterns appearing in an email message exceed the threshold value, the message will be processed according to the Spam Action setting.
config {imap | imaps | mapi | pop3 | pop3s | smtp | smtps}
Configure spam filtering options for the IMAP, IMAPS, MAPI, POP3, POP3S, SMTP, and SMTPS email protocols.
action
Select the action that this profile uses for filtered email. Tagging appends custom text to the subject or header of email identified as spam. When scan or streaming mode (also called splice) is selected, the FortiGate unit can only discard spam email. Discard immediately drops the connection. Without streaming mode or scanning enabled, chose to discard, pass, or tag spam.
discard— do not pass email identified as spam.pass— disable spam filtering.tag— tag spam email with text configured using the tagmsg option and the location set using the tag-type option.
local-override
For smtp and smtps. Select to override SMTP or SMTPS remote check, which includes IP RBL check, IP FortiGuard antispam check, and HELO DNS check, with the locally defined antispam block/allowlist.
tag-type
Select to affix the tag to either the MIME header or the subject line, and whether or not to append spam information to the spam header, when an email is detected as spam. Also configure tag-msg.
If you select to add the tag to the subject line, the FortiGate unit will convert the entire subject line, including tag, to UTF-8 by default. This improves display for some email clients that cannot properly display subject lines that use more than one encoding.
tag-msg
Enter a word or phrase (tag) to affix to email identified as spam.
When typing a tag, use the same language as the FortiGate unit’s current administrator language setting. Tagging text using other encodings may not be accepted.
To correctly enter the tag, your SSH or telnet client must also support your language’s encoding. Alternatively, you can use the web-based manager’s CLI widget to enter the tag.
Tags must not exceed 64 bytes. The number of characters constituting 64 bytes of data varies by text encoding, which may vary by the FortiGate administrator language setting.
Tags containing space characters, such as multiple words or phrases, must be surrounded by quote characters (‘)to be accepted by the CLI.