226 01-28007-0068-20041203 Fortinet Inc.
Protection profile options Firewall
The following options are available for web category filtering through the protection
profile. See “Category block” on page 317 for more category blocking configuration
options.
Configuring spam filtering options
Figure 109:Protection profile spam filtering options
The following options are available for spam filtering through the protection profile.
See “Spam filter” on page 323 for more spam filter configuration options.
Enable category block (HTTP
only)
Enable FortiGuard category blocking.
Block unrated websites
(HTTP only)
Block any web pages that have not been rated by the web
filtering service.
Provide details for blocked
HTTP 4xx and 5xx errors
(HTTP only)
Display a replacement message for 4xx and 5xx HTTP errors.
If the error is allowed through then malicious or objectionable
sites could use these common error pages to circumvent web
category blocking.
Allow websites when a rating
error occurs (HTTP only)
Allow web pages that return a rating error from the web
filtering service.
Category The FortiGuard web filtering service provides many categories
by which to filter web traffic. You can set the action to take on
web pages for each category. Choose from allow, block, or
monitor.
IP address FortiShield
check
Enable or disable the Fortinet spam filtering IP address blacklist:
FortiShield. See “FortiShield” on page 325 for a description of this
service.
IP address BWL check Black/white list check. Enable or disable checking incoming IP
addresses against the configured spam filter IP address list. (SMTP
only.)
RBL & ORDBL check Enable or disable checking traffic against configured Real-time
Blackhole List and Open Relay Database List servers.
HELO DNS lookup Enable or disable looking up the source domain name (from the
SMTP HELO command) in the Domain Name Server.
E-mail address BWL
check
Enable or disable checking incoming email addresses against the
configured spam filter email address list.