If our intention is to block all spam that passes through our firewall, RBL lists are most commonly configured, and this document shows how to configure them on a Fortinet firewall, in a Fortigate. RBL is the acronym for “Realtime Blackhole list” or “Real-time blacklist”. These are systems that publish a database with a list of IP addresses that have been the source of unsolicited email sendings (SPAM). These databases are consulted online in real time by AntiSpam systems or mail servers before accepting a new email and said email will be marked as spam or we will reject it, according to interest.

We must first create an RBL list in our fortigate and then apply it to a 'Protection Profile'. To do this, we will execute the following commands:

Config Spamfilter DNSBL
edit 1
Set name myrbl_list
config entries

edit 1
Set Action {Reject | spam}
Set Server xbl.spamhaus.org
Set status {enable | disable}
Next

edit 2
Set Action {Reject | spam}
Set Server dnsbl.spamhaus.org
Set status {enable | disable}
Next

End

config firewall profile
edit NOMBRE_PROTECTION_PROFILE
Set smtp spamrbl
Spamblable set 1
End

If our firmware is lower than FortiOS 3.0 MR5 instead of running 'config spamfilter rbl' we should run 'config spamfilter dnsbl'