advertisement
FortiGate-400 Installation and Configuration Guide Version 2.50 MR2
Email filter
Email filtering is enabled in firewall policies. When you enable Anti-Virus & Web filter in a firewall policy, you select a content profile that controls how email filtering behaves for email (IMAP and POP3) traffic. Content profiles control the following types of protection to identify unwanted email:
• filtering of unwanted sender address patterns,
• filtering of unwanted content,
• exempting sender address patterns from blocking.
This chapter describes:
•
•
•
•
•
General configuration steps
1
2
3
Configuring email filtering involves the following general steps:
Select email filter options in a new or existing content profile. See
“Adding a content profile” on page 197 .
Select the Anti-Virus & Web filter option in firewall policies that allow IMAP and POP3 connections through the FortiGate unit. Select a content profile that provides the email
Add a subject tag to the unwanted email so that receivers can use their mail client software to filter messages based on the tag. See
“Adding a subject tag” on page 280 .
Note: To receive email filter log messages, see “Configuring logging” in the Logging
Configuration and Reference Guide. For information about email filter log message categories and formats, see “Log messages” in the FortiGate Logging Configuration and Reference Guide.
FortiGate-400 Installation and Configuration Guide
277
Email banned word list Email filter
Email banned word list
When the FortiGate unit detects email that contains a word or phrase in the banned word list, the FortiGate unit adds a tag to the subject line of the email and writes a message to the event log. Receivers can then use their mail client software to filter messages based on the subject tag.
You can add banned words to the list in many languages using Western, Simplified
Chinese, Traditional Chinese, Japanese, or Korean character sets.
Adding words and phrases to the banned word list
5
6
1
2
3
4
Go to Email Filter > Content Block.
Select New to add a word or phrase to the banned word list.
Type a banned word or phrase.
• If you type a single word (for example, banned
), the FortiGate unit tags all IMAP and POP3 email that contains that word.
• If you type a phrase (for example, banned phrase
), the FortiGate unit tags email that contains both words. When this phrase appears on the banned word list, the
FortiGate unit inserts plus signs (+) in place of spaces (for example, banned+phrase
).
• If you type a phrase in quotes (for example,
“banned word”
), the FortiGate unit tags all email in which the words are found together as a phrase.
Content filtering is not case-sensitive. You cannot include special characters in banned words.
Select the Language for the banned word or phrase.
You can choose Western, Chinese Simplified, Chinese Traditional, Japanese, or
Korean.
Your computer and web browser must be configured to enter characters in the language that you select.
Select Enable.
Select OK.
The word or phrase is added to the banned word list.
You can enter multiple banned words or phrases and then select Check All activate all items in the banned word list.
to
Note: Email Content Block must be selected in the content profile for IMAP or POP3 email containing banned words to be tagged.
278
Fortinet Inc.
Email filter Email block list
Email block list
You can configure the FortiGate unit to tag all IMAP and POP3 protocol traffic sent from unwanted email addresses. When the FortiGate unit detects an email sent from an unwanted address pattern, the FortiGate unit adds a tag to the subject line of the email and writes a message to the email filter log. Receivers can then use their mail client software to filter messages based on the subject tag.
You can tag email from a specific sender address or from all address subdomains by adding the top-level domain name. Alternatively, you can tag email sent from individual subdomains by including the subdomain to block.
Adding address patterns to the email block list
1
2
3
4
5
Go to Email Filter > Block List.
Select New to add an address pattern to the Email Block list.
Type a Block Pattern.
• To tag email from a specific email address, type the email address. For example, [email protected].
• To tag email from a specific domain, type the domain name. For example, abccompany.com
.
• To tag email from a specific subdomain, type the subdomain name. For example, mail.abccompany.com
.
• To tag email from an entire organization category, type the top-level domain name.
For example, type com
to tag email sent from all organizations that use .com as the top-level domain.
The pattern can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and the special characters - (hyphen),_ (underscore), and @. Spaces and other special characters are not allowed.
Select Enable to tag the email if part or all of the email address match the block pattern.
Select OK to add the address pattern to the Email Block list.
You can enter multiple address patterns and then select Check All patterns in the Email Block list.
to enable all
You can also enable any pattern in the Email Block list by checking the box in the
Enable column.
Email exempt list
Add address patterns to the exempt list to allow legitimate IMAP and POP3 traffic that might otherwise be tagged by email or content blocking. For example, if the email banned word list is set to block email that contains pornography-related words and a reputable company sends email that contains these words, the FortiGate unit would normally add a subject tag to the email. Adding the domain name of the reputable company to the exempt list allows IMAP and POP3 traffic from the company to bypass email and content blocking.
FortiGate-400 Installation and Configuration Guide
279
Adding a subject tag Email filter
Adding address patterns to the email exempt list
4
5
1
2
3
Go to Email Filter > Exempt List.
Select New to add an address pattern to the email exempt list.
Type the address pattern to exempt.
• To exempt email sent from a specific email address, type the email address. For example, [email protected]
.
• To exempt email sent from a specific domain, type the domain name. For example, abccompany.com
.
• To exempt email sent from a specific subdomain, type the subdomain name. For example, mail.abccompany.com
.
• To exempt email sent from an entire organization category, type the top-level domain name. For example, type net
to exempt email sent from all organizations that use .net as the top-level domain.
The pattern can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and the special characters - (hyphen),_ (underscore), and @. Spaces and other special characters are not allowed.
Select Enable to exempt the address pattern.
Select OK to add the address pattern to the email exempt list.
You can enter multiple patterns and then select Check All in the email exempt list.
to activate all patterns
You can also enable any pattern in the email exempt list by checking the box in the
Enable column.
Adding a subject tag
1
2
When the FortiGate unit receives email from an unwanted address or email that contains an item in the email banned word list, the FortiGate unit adds a tag to the subject line and sends the message to the destination email address. Email users can use their mail client software to filter the messages based on the subject tag.
To add a subject tag
Go to Email Filter > Config.
Type the Subject Tag that you want to display in the subject line of email received from unwanted addresses or that contains banned words. For example, type
Unwanted
.
Note: Do not use quotation marks in the subject tags.
3 Select Apply.
The FortiGate unit adds the tag to the subject line of all unwanted email.
280
Fortinet Inc.
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
