Description
This article describes how to handle an issue where a URL is blocked as SPAM despite it being an allowed FortiGuard URL category.
Scope
For all versions of FortiMail.
Solution
There are two checks performed for a URL, one with the 'FortiGuard AntiSpam database' and the other with the 'FortiGuard Webfilter database'.
For example, the URI in the mail https://s3.amazonaws.com/assets.knak.io/custom-fonts/ProximaNova/ProximaNova.css was categorized as spam by FortiGuard AntiSpam.
Check the classification on FortiMail under Maintenance -> FortiGuard -> AntiSpam. Select Query type under FortiGuard Query as 'URI' and input the URI in the field, and select 'Query'.
Or via CLI:
diagnose fortiguard rating url https://s3.amazonaws.com/assets.knak.io/custom-fonts/ProximaNova/ProximaNova.css
System Time: 2025-12-19 08:34:05 CET (Uptime: 1d 0h 31m)
url: https://s3.amazonaws.com/assets.knak.io/custom-fonts/ProximaNova/ProximaNova.css, score=0, Not spam; category=Information Technology(Id: 52)
The first part is 'score=1,Spam'.
This is the result of a check against the 'FortiGuard AntiSpam database'; the result is spam, hence messages with this link will be blocked by the FortiGuard AntiSpam check.
The second part is 'category=Information Technology(Id: 52)'.
This is the result from the 'FortiGuard Webfilter database', which is used for the URI filter check.
If the URL is not in the 'FortiGuard AntiSpam database', it will display a score of '0' and the respective URI category from the 'FortiGuard Webfilter database'.
Sample log for detection by 'FortiGuard AntiSpam database'.
Antispam log type with the message as 'FortiGuard-AntiSpam identified spam URL: http://www.domainname.something'.
Sample log for detection by 'FortiGuard Webfilter database'.
Antispam log type with message as 'FortiGuard-WebFilter identified URL(category: Category name, id: <number>): https://www.domainname.something'.
The recommended procedure to safelist an entry is through the FortiGuard portal's blocklist page.
Verify the rating of a URL from:
