Fortinet and Over

Configurare un firewall Fortinet come antispam :

Antispam Filter Order

For SMTP through to IPS, the email header “Received” will not be checked unless the”smtp_spamhdrip” option is enabled in the profile.

The following CLI command will enable the SMTP header IP check:

config firewall profile
edit “profile-name”
set smtp_spamhdrip enable
end

Using the following steps we add fortinet.com as a destination domain that will not be tagged as spam. In other words we are approving any mail to be sent to this server.

Use the following commands to add and invoke MIME header checking, from CLI:

config spamfilter mheader
edit 1
config entries
edit 1
set action clear
set fieldbody /@fortinet.com/i
set fieldname /^To$/i
set pattern-type regexp
next
end
set name mheader_table
next
end

config firewall profile
edit Scan
set smtp scan bannedword fragmail spamemailbwl spamfssubmit spamfsurl spamipbwl spamhdrcheck
splice
set spammheadertable 1
next
end