diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py
index af45e1fa..fdb000b9 100644
--- a/core/admin/mailu/__init__.py
+++ b/core/admin/mailu/__init__.py
@@ -45,7 +45,8 @@ default_config = {
 'DISABLE_STATISTICS': 'False',
 'WELCOME': 'False',
 'WELCOME_SUBJECT': 'Dummy welcome topic',
- 'WELCOME_BODY': 'Dummy welcome body'
+ 'WELCOME_BODY': 'Dummy welcome body',
+ 'WEB_ADMIN': '/admin'
 }
 # Load configuration from the environment if available
@@ -78,12 +79,12 @@ def get_locale():
 # Login configuration
 login_manager = flask_login.LoginManager()
 login_manager.init_app(app)
-login_manager.login_view = ".login"
+login_manager.login_view = "ui.login"
 @login_manager.unauthorized_handler
 def handle_needs_login():
 return flask.redirect(
- flask.url_for('.login', next=flask.request.endpoint)
+ flask.url_for('ui.login', next=flask.request.endpoint)
 )
 @app.context_processor
diff --git a/core/admin/mailu/internal/views.py b/core/admin/mailu/internal/views.py
index dc893b66..b308bd31 100644
--- a/core/admin/mailu/internal/views.py
+++ b/core/admin/mailu/internal/views.py
@@ -2,6 +2,7 @@ from mailu import db, models, app, limiter
 from mailu.internal import internal, nginx
 import flask
+import flask_login
 @internal.route("/auth/email")
@@ -17,3 +18,13 @@ def nginx_authentication():
 for key, value in headers.items():
 response.headers[key] = str(value)
 return response
+
+
+@internal.route("/auth/admin")
+def admin_authentication():
+ """ Fails if the user is not an authenticated admin.
+ """
+ if (not flask_login.current_user.is_anonymous
+ and flask_login.current_user.global_admin):
+ return ""
+ return flask.abort(403)
diff --git a/core/admin/mailu/ui/templates/sidebar.html b/core/admin/mailu/ui/templates/sidebar.html
index f9b94016..5f18e408 100644
--- a/core/admin/mailu/ui/templates/sidebar.html
+++ b/core/admin/mailu/ui/templates/sidebar.html
@@ -36,7 +36,7 @@ {% trans %}Authentication tokens{% endtrans %} - +
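Review bot: The docstring of `admin_authentication()` in core/admin/mailu/internal/views.py does not state the contract that nginx's `auth_request` relies on, even though this view is the gate for the new antispam location: any 2xx response allows the request, 401 or 403 denies it, and any other status is treated as an error. I would document that, e.g. `"""Return an empty 200 for an authenticated global admin, 403 otherwise; consumed by nginx auth_request."""`, and test `flask_login.current_user.is_authenticated` instead of `not ... is_anonymous` so the condition reads as the positive check it is. `flask.abort(403)` raises, so the `return` in front of it has no effect. Whether a disabled account can keep a live session is not visible in this hunk; if it can, `is_active` should be part of the condition as well.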
  • {% trans %}Administration{% endtrans %}
  • {% if current_user.global_admin %}
  • @@ -59,6 +59,11 @@ {% trans %}Relayed domains{% endtrans %}
  • +
  • + + {% trans %}Antispam{% endtrans %} + +
  • {% endif %} {% if current_user.manager_of or current_user.global_admin %}
  •
diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf
index d1335d7d..438e9a9a 100644
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@@ -71,11 +71,20 @@ http {
 location {{ WEB_ADMIN }} {
 return 301 {{ WEB_ADMIN }}/ui;
 }
+
 location ~ {{ WEB_ADMIN }}/(ui|static) {
 rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break;
 proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }};
 proxy_pass http://admin;
 }
+
+ location {{ WEB_ADMIN }}/antispam {
+ rewrite ^{{ WEB_ADMIN }}/antispam/(.*) /$1 break;
+ auth_request /internal/auth/admin;
+ proxy_set_header X-Real-IP "";
+ proxy_set_header X-Forwarded-For "";
+ proxy_pass http://antispam:11334;
+ }
 {% endif %}
 {% if WEBDAV != 'none' %}
@@ -85,6 +94,14 @@ http {
 }
 {% endif %}
 {% endif %}
+
+ location /internal {
+ internal;
+
+ proxy_pass http://admin;
+ proxy_pass_request_body off;
+ proxy_set_header Content-Length "";
+ }
 }
 # Forwarding authentication server
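Review bot: `location {{ WEB_ADMIN }}/antispam` is a plain prefix location, so the unanchored regex location above it (`~ {{ WEB_ADMIN }}/(ui|static)`) still takes precedence for any antispam URL that contains that substring, and such a request goes to the admin backend without passing `auth_request`. The prefix also matches sibling paths that merely start with `antispam`, and the rewrite does not fire for the bare path without a trailing slash, which is then proxied unrewritten. Declaring it as `location ^~ {{ WEB_ADMIN }}/antispam/ {` and redirecting the bare path to the slash form would make the routing exact. The two blanked headers deserve a comment such as `# client address deliberately not forwarded; auth_request is the only access control here`. Presumably the antispam controller then sees only the proxy's address, so its own trusted-address settings should be checked against that.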