Activate and Configure spamBlocker

You can enable spamBlocker in SMTP, IMAP, and POP3-proxy policies. Before you enable spamBlocker, make sure you have met all requirements, as described in spamBlocker Requirements.

Activate spamBlocker

You can use a wizard to enable spamBlocker in existing SMTP, IMAP, and POP3-proxies and to add a new SMTP, IMAP, or POP3 proxy to your Firebox configuration.

When you use the wizard to enable spamBlocker for an existing proxy policy that uses a predefined proxy action, the wizard automatically creates a user-defined proxy action, enables spamBlocker in the new proxy action, and assigns that proxy action to the policy.

If you use the wizard to create an SMTP policy, the wizard creates a default SMTP-proxy policy, which uses static NAT. To create this default SMTP-proxy policy, your Firebox must have at least one external interface with a static IP address or PPPoE. The wizard adds only one policy even if you have more than one external interface. The To list of the policy has a static NAT entry (the static IP address of the first external interface to the specified email service IP address). If this default policy does not meet your requirements, add the SMTP-proxy policy before you use this wizard to enable spamBlocker.

  1. From Fireware Web UI, select Subscription Services > spamBlocker.
    The Activate spamBlocker Wizard starts.
  2. Click Run Wizard.
    The Welcome page opens.
  3. Click Next.
    If the Firebox configuration includes existing IMAP, POP3, or SMTP-proxy policies that do not have spamBlocker enabled, the list of proxy actions for those policies opens.

Screen shot of the spamBlocker wizard in Fireware Web UI

  1. To activate spamBlocker for a proxy action, select the check box next to the proxy action.
  2. Click Next.
    The Create new proxy policies page opens.

Screen shot of the Create new proxy policies step in the spamBlocker wizard in Fireware Web UI

  1. To create additional proxy policies, select the types of proxy policy to add.
    You cannot use the activation wizard to add a proxy policy of a type that already exists.
  2. If you select Incoming SMTP, specify the email server IP address.
  3. Click Next.
  4. Click Finish to complete the activation wizard.
  1. In Policy Manager, select Subscription Services > spamBlocker > Activate.
    The Activate spamBlocker wizard starts.

Screen shot of the Activate spamBlocker Wizard Welcome screen

  1. Click Next.
    If the Firebox configuration includes existing IMAP, POP3, or SMTP-proxy policies, and spamBlocker is not enabled in at least one policy, the list of those policies opens.

Screen shot of the Apply spamBlocker settings to your policies step

  1. To enable spamBlocker for a proxy action, select the check box.
  2. Click Next.
    If your configuration does not yet include an IMAP, SMTP, or POP3-proxy policy, the Create new proxy policies step opens.

Screen shot of the Create new proxy policies step

  1. To add a new proxy policy, select the type of proxy you want to add. You cannot use the activation wizard to add a proxy policy of a type that already exists.
  2. If you select an SMTP-proxy, type the email server IP address.
  3. Click Next.

Screen shot of the spamBlocker Wizard activation complete page

  1. To open the spamBlocker configuration page after you finish the activation wizard, select the check box at the bottom of the last page.
  2. Click Finish.

After you use enable spamBlocker for your POP3, IMAP, or SMTP-proxy policies, you can edit the spamBlocker settings used for each proxy action.

Configure spamBlocker Actions

In the spamBlocker settings, you can configure spamBlocker actions for each proxy policy, and you can enable and disable spamBlocker for each proxy policy.

In Fireware Web UI, before you can enable spamBlocker manually for an SMTP, IMAP, or POP3-proxy policy, you must configure the policy to use a user-defined proxy action. To create a user-defined proxy action, you can clone the default (predefined) proxy action, and specify that proxy action in the proxy policy. To do this automatically, use the spamBlocker Activation Wizard, described in the previous section.

WatchGuard has retired the old spamBlocker engine used by Fireware versions lower than v12.5.4. If your Firebox runs one of these versions, you might see configuration options that are no longer supported. For more information, go to this Knowledge Base article.

  1. Select Subscription Services > spamBlocker.
    The spamBlocker configuration page opens, with a list of the SMTP, IMAP, and POP3-proxy actions configured on your Firebox. The Firewall Policies column shows whether the proxy action is used by a policy on your Firebox. The Status column shows whether spamBlocker is enabled for each proxy action.

Screen shot of the spamBlocker configuration page

  1. Select a user-defined proxy action. Click Configure. Tip!

Screen shot of the Web UI spamBlocker Configuration page

  1. If spamBlocker is not already enabled, select the Enable spamBlocker check box.
  2. From the When email is spam drop-down list, select the action you want spamBlocker to take for email classified as spam. If you select, Add subject tag, type the text you want to show in the message subject line.
  3. If you want to send a log message each time spamBlocker takes an action, select the Send a log message check box for the action. If you do not want to record log messages for an action, clear the check box.
  4. From the When server is unavailable drop-down list, select the action you want the Firebox to take for incoming email when the Firebox cannot connect to the spamBlocker server. We recommend you do not change the default Allow action.
  • If you select Deny for the POP3, IMAP, or SMTP-proxy, it causes a conflict with Microsoft Outlook. When Outlook starts a connection to the email server, spamBlocker tries to contact the spamBlocker server. If the spamBlocker server is not available, spamBlocker stops the email download. When this happens, a cycle starts. Outlook tries to download email and spamBlocker stops the download. This continues until the Firebox can connect to the spamBlocker server, or the request is dropped because the proxy times out, or you cancel the request. Restart Microsoft Outlook.
  • If you select Deny with the SMTP-proxy, the Firebox sends this 450 SMTP message to the sending email server: “Mailbox is temporarily unavailable.”
  1. To send a log message when spamBlocker scans an email but does not designate it as spam, select the Send a log message for each email classified as not spam check box.
  2. (Optional) Add spamBlocker exception rules, as described in About spamBlocker Exceptions.
  3. Click Save.

  1. Select Subscription Services > spamBlocker > Configure.
    The spamBlocker dialog box opens with a list of the SMTP and POP3 proxies on your Firebox, and whether spamBlocker is enabled for each one.

Screen shot of the spamBlocker configuration page showing the SMTP and POP3 proxy policies

  1. Select a policy. Click Configure.
    The spamBlocker Configuration dialog box for the policy opens.

Screenshot of the spamBlocker Configuration dialog box

  1. Select the Enable spamBlocker check box.
  2. From the drop-down list next to Confirmed Spam, select the action you want spamBlocker to take. WatchGuard recommends you select the Add subject tag action for confirmed spam. If you select this action, you can change the text that appears in the text box next to the drop-down list.

The Quarantine, Deny, and Drop actions are available only for the SMTP-proxy. For more information about spamBlocker actions and tags, go to spamBlocker Actions, Tags, and Categories.

  1. To send a log message each time spamBlocker takes an action, select the Send log message check box. If you do not want to record log messages for an action, clear this check box.
  2. To specify how the Firebox handles incoming email when the Firebox cannot connect to the spamBlocker server, select an option from the When the spamBlocker server is unavailable drop-down list. We recommend you use the default Allowed action.
  • If you select Denied for the POP3, IMAP, or SMTP-proxy, it causes a conflict with Microsoft Outlook. When Outlook starts a connection to the email server, spamBlocker tries to contact the spamBlocker server. If the spamBlocker server is not available, spamBlocker stops the email download. When this happens, a cycle starts. Outlook tries to download email and spamBlocker stops the download. This continues until the Firebox can connect to the spamBlocker server, or the request is dropped because the proxy times out, or you cancel the request.
  • If you select Denied with the SMTP-proxy, the Firebox sends this 450 SMTP message to the sending email server: “Mailbox is temporarily unavailable.”
  1. To send a log message when spamBlocker scans an email but does not designate it as spam, select the Send a log message for each email classified as not spam check box.
  2. (Optional) Add spamBlocker exception rules, as described in About spamBlocker Exceptions.
  3. Click OK.

The Firebox uses the HTTPS protocol to send requests to the spamBlocker server. If traffic from the Firebox must go through a perimeter firewall to reach the Internet, make sure the firewall does not block HTTPS traffic.

After you enable spamBlocker for a proxy action or policy, you can define global spamBlocker settings. These settings apply to all spamBlocker configurations. Click Settings to see or modify the global spamBlocker configuration settings. For more information, go to Configure Global spamBlocker Settings.

Related Topics

spamBlocker Requirements

Video tutorial: Getting Started with spamBlocker