- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Fortimail 7.0 series Banned words
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortimail 7.0 series Banned words
Hi community
Can someone kindly assisting in guiding me how to enter banned words in Fortimail via CLI - in a batch? Is it possible?
I have over 300 of them, clearly not to be entered one by one in the gui.
Labels:
- Labels:
-
FortiMail
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi NeoRant
Here is how to do with CLI, however it is still not feasible to do it manually, so either use a good text editor that helps you automatize creating your command file, or use a python script to generate your command file from a csv file containing your banned words.
config profile antispam
edit AS_Custom
config bannedwords
edit word1
set body enable
set subject enable
next
edit word2
set body enable
set subject enable
next
edit word3
set body enable
set subject enable
next
end
end
Hope it helps
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello AEK,
You always save the day, thanks. I did this with some modification by using char(10) in excel to include multiple words imported from a txt file. However, when i run this script in fortimail cli, it creates a new AS system profile with the new inserted banned words. I would like to modify my existing domain wide profile, not create a new AS sys profile. Could you guide, is this possible to edit ur domain AS profile in cli?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi NeoRant
Happy to help.
Just replace "AS_Custom" above by your existing AS profile name.
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi AEK,
I already did, but it keeps creating a new system AS profile of name i specified. I want to actually edit my existing domain AS profile. Strange indeed.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So after this operation you find two AS with same name?!
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi AEK,
Yes indeed. I just want to edit an existing AS profile for my internal domain, not System.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AEK,
The script works great but it does not edit an existing AS profile, it by default just creates a new system-domain profile with the banned words. Is there a way i could copy banned words from fortimail system domain to the protected domain?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi NeoRant
I tested in my lab on FML 7.0.7.
I executed the commands that I provided above and it worked just fine, I mean it edited an existing (AS_Custom) profile and it did not add a new profile.
I'm listing the trace of the execution here below so you can see the steps and result.
FML # config profile antispam
FML (antispam) # show
config profile antispam
edit AS_Inbound
set uri-filter-status enable
config dnsbl-server
edit bl.spamcop.net
next
end
set behavior-analysis enable
config surbl-server
edit multi.surbl.org
next
end
set heuristic enable
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-deep-header TagSubjectSuspicious
set action-default UserQuarantine
set action-suspicious-newsletter TagSubjectSuspicious
set action-newsletter TagSubjectNewsletter
set action-uri-filter-secondary TagSubjectSuspiciousURI
set action-spf-sender-alignment TagSubjectSuspicious
next
edit AS_Inbound_High
set uri-filter-status enable
set uri-filter-secondary-status enable
set spam-outbreak-protection enable
set suspicious-newsletter-status enable
set newsletter-status enable
set greylist enable
config dnsbl-server
edit bl.spamcop.net
next
end
set behavior-analysis enable
config surbl-server
edit multi.surbl.org
next
end
set heuristic enable
set heuristic-rules-percent 50
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-deep-header TagSubjectSuspicious
set action-default UserQuarantine
set action-suspicious-newsletter TagSubjectSuspicious
set action-newsletter TagSubjectNewsletter
set action-uri-filter-secondary TagSubjectSuspiciousURI
set action-spf-sender-alignment TagSubjectSuspicious
next
edit AS_Outbound
set fortiguard-check-ip disable
set spf-checking disable
config dnsbl-server
end
config surbl-server
edit multi.surbl.org
next
end
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-default Reject
next
edit AS_Custom
set fortiguard-check-ip disable
set spf-checking disable
config dnsbl-server
end
config surbl-server
end
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-default Reject
next
end
FML (antispam) # edit AS_Custom
FML (AS_Custom) # config bannedwords
FML (bannedwords) # edit word1
FML (word1) # set body enable
FML (word1) # set subject enable
FML (word1) # next
FML (bannedwords) # edit word2
FML (word2) # set body enable
FML (word2) # set subject enable
FML (word2) # next
FML (bannedwords) # edit word3
FML (word3) # set body enable
FML (word3) # set subject enable
FML (word3) # next
FML (bannedwords) # end
FML (AS_Custom) # end
FML # config profile antispam
FML (antispam) # show
config profile antispam
edit AS_Inbound
set uri-filter-status enable
config dnsbl-server
edit bl.spamcop.net
next
end
set behavior-analysis enable
config surbl-server
edit multi.surbl.org
next
end
set heuristic enable
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-deep-header TagSubjectSuspicious
set action-default UserQuarantine
set action-suspicious-newsletter TagSubjectSuspicious
set action-newsletter TagSubjectNewsletter
set action-uri-filter-secondary TagSubjectSuspiciousURI
set action-spf-sender-alignment TagSubjectSuspicious
next
edit AS_Inbound_High
set uri-filter-status enable
set uri-filter-secondary-status enable
set spam-outbreak-protection enable
set suspicious-newsletter-status enable
set newsletter-status enable
set greylist enable
config dnsbl-server
edit bl.spamcop.net
next
end
set behavior-analysis enable
config surbl-server
edit multi.surbl.org
next
end
set heuristic enable
set heuristic-rules-percent 50
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-deep-header TagSubjectSuspicious
set action-default UserQuarantine
set action-suspicious-newsletter TagSubjectSuspicious
set action-newsletter TagSubjectNewsletter
set action-uri-filter-secondary TagSubjectSuspiciousURI
set action-spf-sender-alignment TagSubjectSuspicious
next
edit AS_Outbound
set fortiguard-check-ip disable
set spf-checking disable
config dnsbl-server
end
config surbl-server
edit multi.surbl.org
next
end
config bannedwords
end
config safelistwords
end
set scan-max-size 1024
set action-default Reject
next
edit AS_Custom
set fortiguard-check-ip disable
set spf-checking disable
config dnsbl-server
end
config surbl-server
end
config bannedwords
edit word1
set subject enable
set body enable
next
edit word2
set subject enable
set body enable
next
edit word3
set subject enable
set body enable
next
end
config safelistwords
end
set scan-max-size 1024
set action-default Reject
next
end
AEK
AEK
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi AEK,
Thank you so much. You are one of the kindest persons I have ever met in my life. Knowledgeable and willing to educate others. You are cybersecurity god. I will review cli commands and apply to my existing protected domain AS profile and provide an update(of course i will omit other features, i am just interested in adding banned words)
Related Posts
- Fortimail - Edit bulk Banned Words... 64 Views
- Fortimail Gateway Template 248 Views
- Custom event handler for Fortimail 213 Views
- FortiMail, Spam Outbreak and Sandbox 3953 Views
Labels
-
FortiGate
6,535 -
FortiClient
1,304 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
414 -
5.6
362 -
FortiSwitch
333 -
FortiAP
333 -
FortiClient EMS
263 -
6.2
251 -
FortiMail
242 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
150 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiSIEM
88 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
60 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
SD-WAN
24 -
Firewall policy
23 -
FortiConnect
23 -
FortiWAN
22 -
FortiConverter
21 -
VLAN
20 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiAuthenticator
12 -
FortiCASB
12 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
LDAP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
Virtual IP
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSL SSH inspection
6 -
Security profile
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.