beautypg.com

Banned word, Black/white list, Im/p2p (new) – Fortinet FortiOS 3.0 User Manual

Page 28: Banned word black/white list

background image

Upgrade Guide for FortiOS v3.0

28

01-30000-0317-20060424

IM/P2P (new)

New features and changes

Banned word

The Banned word menu still controls spam by blocking email messages
containing specific words or patterns. The Action column on the Banned Word
page is now Score, and is reflected when configuring a new banned word.

Score is a numerical weighting applied to banned word. If the score is greater than
the spamwordthreshold value set in the protection profile, the page is processed
according to whether the spam action command for the mail traffic type (for
example smtp3-spamaction) is set to pass or tag in the protection profile. The

score for the banned word is counted once even if the word appears multiple
times in the web page.

Black/White list

The Black/White list menu provides a way to filter incoming email if enabled in the
protection profile. The FortiGate unit uses both an IP address list and email list for
filtering purposes.

The FortiGate unit compares the IP address of the message’s sender to the IP
address in sequence when doing an IP address list check. If the FortiGate unit
finds a match, the action associated with the IP address is taken. If there is no
match, then the message passes to the next enabled spam filter.

Email lists work the same way.

IM/P2P (new)

The IM/P2P menu consists of the following menus:

Statistics

User

The IM/P2P menu is new for FortiOS 3.0. Since instant messaging and peer to
peer (P2P) networks have grown, FortiOS 3.0 now includes a separate menu for
these new technologies. You can control the amount of bandwidth allocated for
P2P.

There are extended features with the IM/P2P menu, available in the CLI. You can
use config imp2p old-version command to enable older versions of IM

protocols. These older versions of IM protocols are able to bypass file blocking
because the message types are not recognized. This command provides the
option to disable these older IM protocol versions.

The supported protocols are:

• MSN 6.0 and above
• ICQ 4.0 and above
• AIM 5.0 and above
• Yahoo 6.0 and above

Note: The FortiGate unit is unable to block Skype uses. Also, if the audio blocking feature
is enabled, instant messaging clients are still able to send/receive webcam/video traffic.