Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Methods of Testing

Does anyone have any suggestions as to how to test the FortiGate email filtering? Essentially I would need a pop3/imap email account and an email that is considered SPAM, but I am not sure where I can get either of these? Any other good testing methods?
10 REPLIES 10
Carl_Wallmark
Valued Contributor

Hi, Dont know if the fortigate supports this, but its worth a try: http://spamassassin.apache.org/gtube/

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Not applicable

Thanks for the quick response, I will try that out. Any suggestions for Email Profile settings for filtering incoming mail for spam? There are an awful lot of options: IP Address Check, URL Check, Email Checksum check, Spam Submission, IP Address BWL Check, HELO DNS Lookup, Email Address BWL Check, Return Email DNS Check, Band Word Check. Any insight from personal experience as to what combination gives the best results?
Carl_Wallmark
Valued Contributor

I use these: IP Address Check, URL Check, Email Checksum check,Return Email DNS Check AND in combination with RBL servers, you can configure the fortigate to ask an RBL server (or multiple)

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Not applicable

Thanks for the quick replies Selective. You' ve had good luck with those options? Any trouble with legitimate emails being triggered as spam? As I understand it, the Fortigate just appends a [Spam] tag to the front of the subject line (or MIME header if selected). Do you just have your users inbox' s filter the mail based upon that tag?
Carl_Wallmark
Valued Contributor

it can discard the whole mail if using SMTP or, you can tag it with SMTP, IMAP and POP3 there will always be a legitimate mail that will be deleted/tagged. But it works ok, if you need something more advanced, check out the FortiMail appliance.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
laf
New Contributor II

Unfortunately I give a try using Fortigate' s ASE but no luck, mail passed without any detection. Any other tools, guys?

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
Not applicable

laf, you are having bad experience with the FortiGate' s anti spam capabilities? I have never used it before but am working a deployment where the customer has emphasized anti-spam as a feature they' re looking for. Is the FortiGate going to be enough? I plan on using the Fortigate features that Selective mentioned above: IP Address Check, URL Check, Email Checksum check,Return Email DNS Check
laf
New Contributor II

Maybe I was not clear. The testing tool Selective provided does not work with ASE, still it works for SpamAssasin as I tested with both. About Fortigate' s AntiSpam capabilities they re ok, as long as you don t expect 10 out of 10. I mean it depends of your requirements. Fortigate AS does its job, works OK, still it is not a COMPLETE thoroughbred AS appliance.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
Carl_Wallmark
Valued Contributor

i strongly recommend to read these two: http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31866&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=10330044&stateId=0 0 10328224 http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD32695&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=10330048&stateId=0 0 10328228

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors