Technical Tip: Detecting Emails with a Blank Body and/or Blank Subject

1. Create a Dictionary Profile:

1. Select Profile -> Antispam Profile -> Dictionary.
2. Select Dictionary Profile and create a new dictionary entry.
3. Set the Pattern Type to Regex.
4. Apply the anti-spam profile on the required policy.

2. Regex Pattern for Blank Subject and/or Body Detection:
   In the pattern field, input the following regex:
   
   

   ```
   ^(?:Subject:\s*(?:\r?\n|\r?\n\s*|\s*)|(?:\r?\n\r?\n\s*(?:<[^>]*>|\s*|[\x00-\x1F\x7F])*)$
   ```
   
   

    

3. Configure Header and Body Search:

   Use the Toggle buttons to enable both the Search Header and Search Body depending on the detection criteria.

   If detecting emails with a blank body but a filled subject, enable Search Body and disable Search Header.
                                                                                                     

   

    

4. Testing Blank Body Detection:

   Send an email with a filled subject and a blank body. The email will be detected by the Dictionary Filter when the header search is disabled and only the body search is enabled.
                                                                                     

                                                                                                   

                                                                                                        

    

5. Testing Blank Subject and Body Detection:
   

Send an email with both a blank subject and a blank body. Ensure both the Search Header and Search Body are enabled. This will classify the email under the Dictionary Filter.

For testing, FortiMail's web mailbox was used to verify the detection.