spamBlocker Actions, Tags, and Categories

You configure the action that spamBlocker takes based on the spam category of each email message.

spamBlocker Actions

The Firebox uses spamBlocker actions to apply decisions about the delivery of email messages. When a message is assigned to a category, the related action is applied. When the spamBlocker service is unavailable, you can select to Allow or Deny messages. Not all actions are supported when you use spamBlocker with the POP3 and IMAP proxies.

Allow

Allows the email message to go through the Firebox.

Add a subject tag

Allows the email message to go through the Firebox, but inserts text in the subject line of the email message to mark it as spam or possible spam. You can use the default tags or you can customize them, as described in the next section. You can also create rules in your email reader to sort the spam automatically based on the subject tags, as described in Create Rules for Your Email Reader.

Quarantine (SMTP only)

Sends the email message to the Quarantine Server. The Quarantine option is supported only when you use spamBlocker with the SMTP-proxy. The IMAP and POP3 proxies do not support this option. If the Quarantine Server cannot be contacted, the message is temporarily rejected.

Deny (SMTP only)

Stops delivery of the email message to the mail server. The Firebox sends this 571 SMTP message to the sending email server: Delivery not authorized, message refused.The Deny option is supported only when you use spamBlocker with the SMTP-proxy. The IMAP and POP3 proxies do not support this option.

Drop (SMTP only)

Drops the connection immediately. The Firebox does not give any error messages to the sending server. The Drop option is supported only if you use spamBlocker with the SMTP-proxy. The IMAP and POP3 proxies do not support this option.

spamBlocker Tags

If you select the spamBlocker action to add a tag to a category of email messages, the Firebox adds a text string to the subject line of the message. You can use the default tags provided, or you can create a custom tag. The maximum length of the tag is 30 characters.

This example shows the subject line of an email message that spamBlocker classifies as spam. The tag added is the default tag: ***SPAM***.
Subject: ***SPAM*** Free auto insurance quote

This example shows a custom tag: [SPAM]
Subject: [SPAM] You've been approved!

spamBlocker Categories

spamBlocker assigns email messages to the Confirmed Spam category or ignores the message as not spam.

The Confirmed Spam category includes email messages from known spammers.

If you use spamBlocker with the SMTP-proxy, select the Deny action for this category.

If you use spamBlocker with the IMAP or POP3 proxy, select the Add a subject tag action for this category.

WatchGuard has retired the old spamBlocker engine used by Fireware versions lower than v12.5.4. If your Firebox runs one of these versions, you might see configuration options that are no longer supported. For more information, see this Knowledge Base article.

See the spamBlocker Category for a Message

After spamBlocker categorizes a message, it adds the spam category to the full email message header as a spam score. To see the spam category, you must review the full email message header.

To find the spam score for an email message in Microsoft Outlook 2010 and higher:

  1. In an open email message, select the File tab.
  2. Click Properties.
  3. In the Internet headers text box, review the message header information.

In the Internet headers text box, the spam score shows in this line:

X-WatchGuard-Spam_Score:

Here is an example of how the spam score shows in the email message header:

X-WatchGuard-Spam-Score: 0, clean

The number on this line is the spam category.

0 — Clean

100 — Spam

See Also

spamBlocker Requirements

About the Quarantine Server

Activate and Configure spamBlocker