Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ianmclachlan
New Contributor

Anti-Spam - Local Spam Filter (BlackWhite List Not Working

Hi Guys,

 

I have a Fortinet 100E UTM device.  My Local Spam Filter BlackWhite List is not working even though it's set to override on local.  Any email addresses I create and set to "Mark as Spam" and enable ... still go through.  Any ideas?

 

Here's my config:

 

config spamfilter profile

edit "default"

set comment "Malware and phishing URL filtering."

set spam-filtering enable

set options spambwl spamfsip spamfssubmit spamfschksum spamfsurl spamraddrdns spamfsphish

config imap

set tag-msg "**_SPAM_Email_**"

end

config pop3

set tag-msg "**_SPAM_Email_**"

end

config smtp

set tag-msg "**_SPAM_Email_**"

set local-override enable

end

set spam-bwl-table 1

next

end

2 REPLIES 2
Dave_Hall
Honored Contributor

After creating a spamfilter profile, have you applied it in a firewall policy rule and made sure that that rule is moved above any general traffic (firewall policy rule) so it is trigged?

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

ianmclachlan

Hi,

 

Thanks for reply.  Yes, I have an exisiting policy rule for SMTP which has been in place for a long time.  There are no issues with recieving email etc.  ASE does it's job and we have no issues, however, from time to time we need the ability to blacklist certain emails.

 

I have looked at the CLI for this filter.

 

edit 3                set status disable                 set type email                 set action clear                 set email-pattern "*@domain.com"  (have reacted actual address)             next

edit 4                 set type email

                set email-pattern "*1@hotmail.com" (have reacted actual address)             next         end  

Firsty on the GUI, the "Mark as Reject" is greyed out, so the only option I have is "Mark as Spam".  However, when I do this, there is no action set (on edit 4)  Edit 3 seems to have the correct action set.  So I'm not sure whether this is a bug or there is a reason behind this.  Have tried several tests with the same results.

 

Thanks again for the comments