fortios_emailfilter_profile – Configure Email Filter profiles in Fortinet’s FortiOS and FortiGate.¶
New in version 2.9.
Synopsis¶
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify emailfilter feature and profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.4.0
Requirements¶
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters¶
- host - FortiOS or FortiGate IP address. type: str required: False
- username - FortiOS or FortiGate username. type: str required: False
- password - FortiOS or FortiGate password. type: str default:
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- https - Indicates if the requests towards FortiGate must use HTTPS protocol. type: bool default: True
- ssl_verify - Ensures FortiGate certificate must be verified by a proper CA. type: bool default: True
- state - Indicates whether to create or remove the object. type: str required: True choices: present, absent
- emailfilter_profile - Configure Email Filter profiles. type: dict
- comment - Comment. type: str
- external - Enable/disable external Email inspection. type: str choices: enable, disable
- feature_set - Flow/proxy feature set. type: str choices: flow, proxy
- file_filter - File filter. type: dict
- entries - File filter entries. type: list
- action - Action taken for matched file. type: str choices: log, block
- comment - Comment. type: str
- file_type - Select file type. type: list
- name - File type name. Source antivirus.filetype.name. type: str required: True
- filter - Add a file filter. type: str required: True
- password_protected - Match password-protected files. type: str choices: True, any
- protocol - Protocols to apply with. type: str choices: smtp, imap, pop3
- log - Enable/disable file filter logging. type: str choices: enable, disable
- scan_archive_contents - Enable/disable file filter archive contents scan. type: str choices: enable, disable
- status - Enable/disable file filter. type: str choices: enable, disable
- gmail - Gmail. type: dict
- log - Enable/disable logging. type: str choices: enable, disable
- imap - IMAP. type: dict
- action - Action for spam email. type: str choices: pass, tag
- log - Enable/disable logging. type: str choices: enable, disable
- tag_msg - Subject text or header added to spam email. type: str
- tag_type - Tag subject or header for spam email. type: str choices: subject, header, spaminfo
- mapi - MAPI. type: dict
- action - Action for spam email. type: str choices: pass, discard
- log - Enable/disable logging. type: str choices: enable, disable
- msn_hotmail - MSN Hotmail. type: dict
- log - Enable/disable logging. type: str choices: enable, disable
- name - Profile name. type: str required: True
- options - Options. type: str choices: bannedword, spambwl, spamfsip, spamfssubmit, spamfschksum, spamfsurl, spamhelodns, spamraddrdns, spamrbl, spamhdrcheck, spamfsphish
- pop3 - POP3. type: dict
- action - Action for spam email. type: str choices: pass, tag
- log - Enable/disable logging. type: str choices: enable, disable
- tag_msg - Subject text or header added to spam email. type: str
- tag_type - Tag subject or header for spam email. type: str choices: subject, header, spaminfo
- replacemsg_group - Replacement message group. Source system.replacemsg-group.name. type: str
- smtp - SMTP. type: dict
- action - Action for spam email. type: str choices: pass, tag, discard
- hdrip - Enable/disable SMTP email header IP checks for spamfsip, spamrbl and spambwl filters. type: str choices: disable, enable
- local_override - Enable/disable local filter to override SMTP remote check result. type: str choices: disable, enable
- log - Enable/disable logging. type: str choices: enable, disable
- tag_msg - Subject text or header added to spam email. type: str
- tag_type - Tag subject or header for spam email. type: str choices: subject, header, spaminfo
- spam_bwl_table - Anti-spam black/white list table ID. Source emailfilter.bwl.id. type: int
- spam_bword_table - Anti-spam banned word table ID. Source emailfilter.bword.id. type: int
- spam_bword_threshold - Spam banned word threshold. type: int
- spam_filtering - Enable/disable spam filtering. type: str choices: enable, disable
- spam_iptrust_table - Anti-spam IP trust table ID. Source emailfilter.iptrust.id. type: int
- spam_log - Enable/disable spam logging for email filtering. type: str choices: disable, enable
- spam_log_fortiguard_response - Enable/disable logging FortiGuard spam response. type: str choices: disable, enable
- spam_mheader_table - Anti-spam MIME header table ID. Source emailfilter.mheader.id. type: int
- spam_rbl_table - Anti-spam DNSBL table ID. Source emailfilter.dnsbl.id. type: int
- yahoo_mail - Yahoo! Mail. type: dict
- log - Enable/disable logging. type: str choices: enable, disable
Examples¶
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure Email Filter profiles.
fortios_emailfilter_profile:
vdom: "{{ vdom }}"
state: "present"
emailfilter_profile:
comment: "Comment."
external: "enable"
feature_set: "flow"
file_filter:
entries:
-
action: "log"
comment: "Comment."
file_type:
-
name: "default_name_11 (source antivirus.filetype.name)"
filter: "<your_own_value>"
password_protected: "yes"
protocol: "smtp"
log: "enable"
scan_archive_contents: "enable"
status: "enable"
gmail:
log: "enable"
imap:
action: "pass"
log: "enable"
tag_msg: "<your_own_value>"
tag_type: "subject"
mapi:
action: "pass"
log: "enable"
msn_hotmail:
log: "enable"
name: "default_name_30"
options: "bannedword"
pop3:
action: "pass"
log: "enable"
tag_msg: "<your_own_value>"
tag_type: "subject"
replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)"
smtp:
action: "pass"
hdrip: "disable"
local_override: "disable"
log: "enable"
tag_msg: "<your_own_value>"
tag_type: "subject"
spam_bwl_table: "45 (source emailfilter.bwl.id)"
spam_bword_table: "46 (source emailfilter.bword.id)"
spam_bword_threshold: "47"
spam_filtering: "enable"
spam_iptrust_table: "49 (source emailfilter.iptrust.id)"
spam_log: "disable"
spam_log_fortiguard_response: "disable"
spam_mheader_table: "52 (source emailfilter.mheader.id)"
spam_rbl_table: "53 (source emailfilter.dnsbl.id)"
yahoo_mail:
log: "enable"
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3