Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
joh2k
New Contributor III

Bypass DNSBL for given client IP

Hello everyone,

 

Is it possible to bypass DNSBL for certain IP ranges at FortiMail ?

 

If we enable DNSBL using spamcop, lots of legit messages are blocked if sent from a shared SMTP clients that are temporarily blacklisted (such as *prod.protection.outlook.com and others).

 

We get so many complains that we had to disable DNSBL.

I guess we are not the only facing this problem because it seems to be an obvious problem. If a spammer sends spam using example.prod.protection.outlook which is used by thousands of legit organisations, if we discard all all messages coming from that example.prod.protection.outlook, then we are labelling legit messages as spam, and that's a problem.

Can anyone recommend a workaround o a differnt approach maybe?

 

Thanks for your help.

 

 

 

 

1 REPLY 1
AEK
SuperUser
SuperUser

Hello

I personally never use DNSBL, I only use FortiGuard and I find it much better (almost no false positive/negative).

In your Antispam profile enable FortiGuard with IP reputation. You can by the way enable URL category under the same topic.

If you really need DNSBL then I you can add exceptions by using domain safelist, under menu Security > Block/Safe List.

AEK
AEK
Labels
Top Kudoed Authors