diff --git a/CHANGES b/CHANGES
index 5d8026bbeb..9b13ae7d72 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,10 @@
+8.0.0-dev.100 | 2025-05-15 10:21:53 +0100
+
+ * Add STLS command to POP3 DPD signature.
+
+ Pop3 connections that use StartTLS now should be detected on non-default ports.
+ (Jan Grashoefer, Corelight)
+
 8.0.0-dev.96 | 2025-05-13 19:50:47 +0200
 
 * fix for ZAM optimization when an aggregate is modified inside of a loop (Vern Paxson, Corelight)
diff --git a/VERSION b/VERSION
index c8223d1975..be882c4fc3 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-8.0.0-dev.96
+8.0.0-dev.100
diff --git a/scripts/base/protocols/pop3/dpd.sig b/scripts/base/protocols/pop3/dpd.sig
index 8d7e3567da..8793f249a1 100644
--- a/scripts/base/protocols/pop3/dpd.sig
+++ b/scripts/base/protocols/pop3/dpd.sig
@@ -8,6 +8,6 @@ signature dpd_pop3_server {
 
 signature dpd_pop3_client {
 ip-proto == tcp
- payload /(|.*[\r\n])[[:space:]]*([uU][sS][eE][rR][[:space:]]|[aA][pP][oO][pP][[:space:]]|[cC][aA][pP][aA]|[aA][uU][tT][hH])/
+ payload /(|.*[\r\n])[[:space:]]*([uU][sS][eE][rR][[:space:]]|[aA][pP][oO][pP][[:space:]]|[cC][aA][pP][aA]|[aA][uU][tT][hH]|[sS][tT][lL][sS])/
 tcp-state originator
 }
diff --git a/testing/btest/scripts/base/protocols/pop3/starttls.zeek b/testing/btest/scripts/base/protocols/pop3/starttls.zeek
index ca3cf96d40..94d34bedaa 100644
--- a/testing/btest/scripts/base/protocols/pop3/starttls.zeek
+++ b/testing/btest/scripts/base/protocols/pop3/starttls.zeek
@@ -5,15 +5,4 @@
 
 @load base/protocols/conn
 @load base/protocols/ssl
-
-module POP3;
-
-const ports = {
- 110/tcp
-};
-redef likely_server_ports += { ports };
-
-event zeek_init() &priority=5
- {
- Analyzer::register_for_ports(Analyzer::ANALYZER_POP3, ports);
- }
+@load base/protocols/pop3
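Review bot: The new `[sS][tT][lL][sS]` alternative in dpd_pop3_client has no trailing delimiter, so any originator line that merely begins with those four letters satisfies the client side of POP3 detection. STLS takes no arguments, so requiring a following whitespace or line-end character costs nothing and matches the USER and APOP branches: `|[sS][tT][lL][sS][[:space:]])/`. The existing CAPA and AUTH branches are equally open-ended and could be tightened in the same pass. How much a loose client match matters depends on how it is paired with dpd_pop3_server, which lies outside this hunk.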
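Review bot: Nothing visible in the starttls.zeek hunk shows the test exercising the non-default-port case that the changelog entry describes. With the manual `Analyzer::register_for_ports` block replaced by `@load base/protocols/pop3`, a port-110 trace would presumably still pass if that script registers the well-known port itself, without the STLS signature branch ever being consulted. The trace and the test's command lines are outside the hunk, so this needs confirming. If the trace is on 110/tcp, a second run against a trace on another port would pin the new branch; otherwise a comment such as `# Exercises DPD via dpd.sig: the trace uses a non-default port.` would record which path is covered.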