Skip to main content
CAD
CAD
New Member
April 24, 2016
Question

Review DNSBL

  • April 24, 2016
  • 2 replies
  • 12557 views

Hi everyone,

Recently you have configured DNSBL, I want someone gives me the code to verify that the setup were  done correctly  or not?

 

Thanks 

 

 

 

    2 replies

    Somashekara_Hanumant
    Staff & Editor
    Somashekara_Hanumant
    Staff & Editor
    April 24, 2016

    Hi,

     

    From the given description, not able to understand on which fortinet device you have configured the DNSBL option.

     

    Request you to provide the complete details, and if possible configuration.

     

    Regards,

    Somu

    CAD
    CADAuthor
    New Member
    April 24, 2016

    Thanks for respones,

    i am using Fortigate 200D , running firmware 5.2.3. kindly check my configuration in the screen shot

    CAD
    CADAuthor
    New Member
    April 24, 2016

    AndreaSoliva
    AndreaSoliva
    New Member
    April 25, 2016

    Hi

     

    I think your config is right even I do not see "status enable". Additional the function DNSBL must be set in the correspondig profile which means " options spamrbl":

     

           # config spamfilter dnsbl        # edit [Use a integer like "1"]        # set name [set a name like "spamhaus"]        # set comment [set a descripiton if needed]        # config entries        # edit [use a integer for the entryy "1"]        # set action [reject | spam]        # set server [Use FQDN DNSBL Server like zB "zen.spamhaus.org"]        # set status [enable | disable]        # end               NOTE Otherones which can be useful:                         zen.spamhaus.org               http://www.spamhaus.org             bl.spamcop.net                 http://www.spamcop.net             dnsbl.sorbs.net                http://www.sorbs.net             dnsbl.ahbl.org                 http://www.ahbl.org

     

    Be careful how the dnsbl function is used from order point of view (ref to CLI handbook):

     

    For SMTP

    [LEFT]1.[size="2"]IP address BWL check - Last hop IP[/size][/LEFT][LEFT]2.[size="2"]DNSBL & ORDBL check, IP address FortiGuard check, HELO DNS lookup[/size][/LEFT][LEFT]3.[size="2"]E-mail address BWL check[/size][/LEFT][LEFT]4.[size="2"]MIME headers check[/size][/LEFT][LEFT]5.[size="2"]IP address BWL check (for IPs extracted from “Received” headers)[/size][/LEFT][LEFT]6.[size="2"]Return e-mail DNS check, FortiGuard Antispam check (for IPs extracted from “Received”[/size][/LEFT]

    headers, and URLs in email content)

    [LEFT]7.[size="2"]Banned word check[/size][/LEFT]

     

    For POP3 and IMAP

    [LEFT]1.[size="2"]E-mail address BWL check[/size][/LEFT][LEFT]2.[size="2"]MIME headers check, IP BWL check[/size][/LEFT][LEFT]3.[size="2"]Return e-mail DNS check, FortiGuard Antispam check, DNSBL & ORDBL check[/size][/LEFT]

    4.[size="2"]Banned word check[/size]

     

    [size="2"]To ativate the function DNBL within the profile use:[/size]

     

    [size="2"][size="2"][size="2"]# config spamfilter profile # edit [Name of the corresponding profile to be used in Firewall Policy Rule][/size][/size][/size]

    [size="2"][size="2"][size="2"]# set options [Use for DNSBL option "spamrbl" and additional options see below][/size][/size][/size]

    [size="2"][size="2"]# end[/size][/size]

     

    [size="2"][size="2"]Following options can be used:[/size][/size]

     

    [size="2"][size="2"][size="2"]bannedword      Content block. spambwl         Black/white list. spamfsip        Email IP address FortiGuard AntiSpam black list check. spamfssubmit    Add FortiGuard AntiSpam spam submission text. spamfschksum    Email checksum FortiGuard AntiSpam check. spamfsurl       Email content URL FortiGuard AntiSpam check. spamhelodns     Email helo/ehlo domain DNS check. spamraddrdns    Email return address DNS check. spamrbl         Email DNSBL & ORBL check. spamhdrcheck    Email mime header check. spamfsphish     Email content phishing URL FortiGuard AntiSpam check.[/size][/size][/size]

     

    [size="2"][size="2"][size="2"]hope this helps[/size][/size][/size]

     

    [size="2"][size="2"][size="2"]have fun[/size][/size][/size]

     

    [size="2"][size="2"][size="2"]Andrea[/size][/size][/size]

    CAD
    CADAuthor
    New Member
    April 25, 2016

    Thanks for reply,

    i am not familiar with CLI , please can you double  check my config and tell me which missing 

     

    F200D# show spamfilter profile

    config spamfilter profile edit "Emailfil" set comment "malware and phishing URL filtering" set spam-filtering enable set options spambwl spamfsip spamfssubmit spamfschksum spamfsurl spamfsphish set spam-bwl-table 1 next edit "Emaifiltring" set comment "malware and phishing URL filtering" set spam-filtering enable set options spambwl spamfsip spamfssubmit spamfschksum spamfsurl spamfsphish set spam-bwl-table 2 set spam-rbl-table 1 next end

    F200# show spamfilter dnsbl config spamfilter dnsbl edit 1 set name "dnsbl-table" config entries edit 1 set server "zen.spamhaus.org" set action reject next end next end

     

     

    Thanks

    AndreaSoliva
    AndreaSoliva
    New Member
    April 25, 2016

    Hi

     

    still does not see "enable":

     

    config spamfilter dnsbl edit 1 set name "dnsbl-table" config entries edit 1 set server "zen.spamhaus.org" set action reject

    set status enable next end next end

     

    still does not see enable the function "spamrbl"

     

    config spamfilter profile edit "Emailfil" set options spambwl spamrbl spamfsip spamfssubmit spamfschksum spamfsurl spamfsphish

    end

     

    hope this helps

     

    have fun

     

    Andrea

    Terms & ConditionsAccessibility statement