Simulation of FortiMail with MSISDN Jeremy Andreas Channel Manager Indonesia Fortinet Confidental
BackGround The Customer is interesting about Fortimail ability to block spam and log MSISDN from mobile users. They want to look at their self (do PoC), but they don’t want to do at their real network. So we must create a simulation about it. Fortinet Confidental
SPAMMER’S MSISDN CAN BE LOGGED LISTEN FOR RADIUS MESSAGE Diagram for PoC LOGICAL DIAGRAM TRANSPARENT MODE MTAs INTERNET OUTGOING SMTP radclient MUAs SPAMMER’S MSISDN CAN BE LOGGED LISTEN FOR RADIUS MESSAGE Radius Server : IAS PHYSICAL DIAGRAM switch radclient INTERNET 10.190.152.87 10.190.152.1 10.190.152.231 Radius Server : IAS Fortinet Confidental
Devices Need and Configuration FortiMail with MSISDN enable To enable the msisdn log, you can type: Fortimail# set log msisdn enable To see the log of msisdn you can type: Fortimail# get log msisdn Radius Server: IAS Configure to forward Radius Accounting to FortiMail with standard Radius Accounting Port (1813) Radius Client: radclient from freeradius Simulate the accounting request to IAS with sending : echo "Acct-Status-Type=1,Framed-IP-Address=87.152.190.10,Calling-Station-Id=54321543211" | radclient 10.190.152.231 acct testing123” Mail Bomber software Configure to send mass mailer (acting like a spammer) Switch Fortinet Confidental
How to Work RadClient simulate the Accounting Packet to IAS. In radclient you can type: echo "Acct-Status-Type=1,Framed-IP-Address=87.152.190.10,Calling-Station-Id=54321543211" | radclient 10.190.152.231 acct testing123” Radius Server (IAS) forward the Radius Accounting Packet to FortiMail FortiMail received the accounting and log the MSISDN and mapped it with mail traffic The Spam traffic will be block and we can get the MSISDN for the spammer. Fortinet Confidental