You can use spamBlocker to set actions for email messages that are identified as different categories of spam.
In Policy Manager, you can enable and disable spamBlocker and configure spamBlocker settings for POP3 proxy actions.
To configure spamBlocker for a POP3 proxy action, from Policy Manager:
- Edit a POP3 proxy action. For more information, see About Proxy Actions.
The Edit POP3 Proxy Action Configuration dialog box appears.
- In the Categories list, select spamBlocker.
spamBlocker settings in a POP3 proxy action in Policy Manager
- Select the Enable spamBlocker check box.
- From the drop-down lists next to each spam category, select the action you want spamBlocker to take. WatchGuard recommends you use the Add subject tag action for messages categorized as Suspect. If you select this action, you can change the tag that appears in the text box to the right of the drop-down list.
The Quarantine, Deny, and Drop actions are available only for the SMTP proxy. For more information about spamBlocker actions and tags, see spamBlocker Actions, Tags, and Categories.
- If you want to send a log message each time spamBlocker takes an action, select the Send log message check box for the action. If you do not want to record log messages for an action, clear this check box.
- To specify how the Firebox handles incoming email when the Firebox cannot connect to the spamBlocker server, select an option from the When the spamBlocker server is unavailable drop-down list. We recommend you use the default Allowed action.
- If you set this option to Denied for the POP3, IMAP, or SMTP proxy, it causes a conflict with Microsoft Outlook. When Outlook starts a connection to the email server, spamBlocker tries to contact the spamBlocker server. If the spamBlocker server is not available, spamBlocker stops the email download. When this happens, a cycle starts. Outlook tries to download email and spamBlocker stops the download. This continues until the Firebox can connect to the spamBlocker server, or the request is dropped because the proxy times out, or you cancel the request.
- If you set this option to Denied with the SMTP proxy, the Firebox sends this 450 SMTP message to the sending email server: “Mailbox is temporarily unavailable.”
- To add a message to the log file if an email message is scanned by spamBlocker but is not designated as Confirmed Spam, Bulk, or Suspect, select the Send a log message for each email classified as not spam check box. If you do not want to add a message to the log file in this situation. clear the check box.
- (Optional) Add spamBlocker exception rules, as described in About spamBlocker Exceptions.
- (Optional) Configure Virus Outbreak Detection, as described in Configure Virus Outbreak Detection Actions.
- Click OK.
The Firebox uses the HTTP protocol to send requests to the spamBlocker server. If the traffic from the Firebox must go through a perimeter firewall to reach the Internet, make sure the firewall does not block HTTP traffic.
After you enable spamBlocker for a proxy action or policy, you can define global spamBlocker settings. These settings apply to all spamBlocker configurations. Click Settings to see or modify the global spamBlocker configuration settings. For more information, see Configure Global spamBlocker Settings.