|
Configure a regular expression pattern '.*(co)\b' to match emails belonging to only .co domain.
# config emailfilter block-allow-list
edit 1
set name "dotco-bal"
config entries
edit 1
set type email-from
set pattern-type regexp
set pattern ".*(co)\\b" > It is expected to see two backward slashes when you run #show emailfilter block-allow-list
next
end
next
end
Map the block-allow-list to an antispam profile.
# config emailfilter profile
edit "BlockDotCO"
set comment ''
set feature-set proxy
set replacemsg-group ''
set spam-log enable
set spam-filtering disable
set external disable
set options spambal
config imap
set log-all disable
end
config pop3
set log-all disable
end
config smtp
set log-all disable
end
config mapi
set log-all disable
end
config msn-hotmail
set log-all disable
end
config gmail
set log-all disable
end
set spam-bword-threshold 10
unset spam-bword-table
set spam-bal-table 1
unset spam-mheader-table
unset spam-rbl-table
unset spam-iptrust-table
set spam-log-fortiguard-response disable
next
end
Now, apply this antispam profile to a PROXY-BASED Firewall policy.
As of FortiOS v7.2.0, new filter types {ip | email-to | email-from | subject}
are currently not supported in flow inspection mode.
For more information about the block-allow-list feature on FortiGate, refer to
https://docs.fortinet.com/document/fortigate/7.2.0/new-features/386433/add-email-filters-for-block-a...
To learn more about wildcards and regular expressions, refer to
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/571833/wildcards-and-perl-regular-expres...
|
