This page contains configuration options for the spamassassin mail filter and how it should manage the e-mails recognised as spam.

POP3: Global settings

On this page the POP3 proxy can be enabled/disabled for each network zone as well as the global configuration options.

Zone Settings

The status for the POP3 proxy is displayed for all of the configured default network zones GREEN, BLUE, and ORANGE. To add any additional zones which were configured you can click the Add new Zone button in the top right. To enable/disable the POP3 proxy service for any given zone, simply click the Edit icon actedit and check/uncheck the Enable checkbox.

Global Settings

Scan for virus

Enable virus scanning for POP3 traffic.

Spam filter

Enable spam filtering for the POP3 traffic.

Intercept SSL/TLS encrypted connections

When the checkbox is ticked, also connections over SSL/TLS (POP3S) are scanned for spam and viruses (if enabled).

Firewall logs outgoing connections

Enables firewall logging for outgoing POP3 connections.

Spam filter

This page allows to configure how the POP3 proxy should proceed when it finds a spam e-mail.


Even when an email has been marked as spam, it will be delivered to the original recipient. Indeed, not delivering it would break RFC 2821, which states that once an email is accepted, it must be delivered to the recipient.

Spam subject tag

The prefix that will be added to the subject of the e-mail recognised as spam.

Add spam report to mail body

Tick the checkbox to replace, in each spam e-mail, the body of the original e-mail with a report of the spamassassin daemon with the reasons why the e-mail had been marked as spam.

Required hits

The number value here refers to the required spam score for a message to be considered as spam. The default setting is 5 which is widely considered to be the industry threshold and is recommended for most users.


The spam score lower than 5 will likely result in more false positives (valid email marked as spam) whereas a value higher than 5 will likely result in more false negatives (spam email not marked).

Activate support for Japanese emails

Tick this checkbox to activate support for Japanese character sets in e-mails to search for Japanese spam.

Enable message digest spam detection (pyzor)

Tick the checkbox to process spam e-mails using pyzor (in short, spam e-mails are converted to a unique digest message that can be used to identify further analogous spam e-mails).


The activation of this option might considerably slow down the POP3 proxy!

White list

A list of e-mail addresses or whole domains, specified using wildcards, one per line. E-mails sent from these addresses and domains will never be checked for spam.

Black list

A list of e-mail addresses or whole domains, specified using wildcards, one per line. E-mails sent from these addresses and domains will always be marked as spam.


To wildcard a whole domain use the following syntax: *@example.com

The settings can be saved by clicking on the Save Button.

Encrypted e-mails.

The UTM is unable to scan the e-mails sent through a POP3 SSL connection since it is an encrypted channel.

Therefore, to allow a client to use POP3 over SSL it is necessary to appropriately configure it and to disable the encryption from the client to the UTM. Encryption should be disabled (i.e., do not use SSL), but the port for POP3 traffic in plain text changed from the default 110 to 995.

After setting this configuration, the connection from the client to the UTM will remain in plain text, but it will use port 995, making the UTM setup an encrypted POP3 over SSL connection from it to the POP3 server.