Contents
- About this Help
- Sources of information about the application
- Kaspersky Secure Mail Gateway
- Application licensing
- About the End User License Agreement
- About the license
- About the license certificate
- About the key
- About the key file
- About data provision
- Viewing information about the license and added keys
- Adding a key
- Removing a key
- Modes of Kaspersky Secure Mail Gateway operation under license
- Notification about license expiration
- Mail server protection status
- Participating in Kaspersky Security Network
- Deploying the Kaspersky Secure Mail Gateway virtual machine image
- Preparing to deploy
- Step 1. Selecting a virtual machine image
- Step 2. Viewing details of the virtual machine image
- Step 3. Reviewing the License Agreement
- Step 4. Naming the virtual machine
- Step 5. Selecting a destination storage for the virtual machine
- Step 6. Selecting a storage option for virtual machine files
- Step 7. Starting and finishing deployment of the virtual machine image
- Initial configuration of Kaspersky Secure Mail Gateway
- Preparing for initial configuration
- Step 1. Selecting the End User License Agreement language
- Step 2. Reviewing the License Agreement
- Step 3. Selecting the mode of operation of Kaspersky Secure Mail Gateway
- Step 4. Configuring participation in Kaspersky Security Network
- Step 5. Selecting the input language for Kaspersky Secure Mail Gateway
- Step 6. Setting the time zone
- Step 7. Assigning the host name (myhostname)
- Step 8. Configuring the network interface
- Step 9. Configuring network routes
- Step 10. Configuring DNS settings
- Step 11. Setting the web interface administrator password
- Step 12. Setting the administrator password for using the console
- Step 13. Specifying email addresses of the mail server administrator
- Step 14. Configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center
- Step 15. Checking the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center
- Step 16. Displaying the settings of the connection to the web interface
- Starting the Kaspersky Secure Mail Gateway virtual machine
- Connecting to the Kaspersky Secure Mail Gateway web interface
- Integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure
- Direct integration using a Quick Setup Wizard
- Integration through an edge gateway (SMTP verification of recipient email addresses is enabled) with the help of a wizard
- Step 1. Adding local domains (relay_domains)
- Step 2. Configuring email routing (transport_map)
- Step 3. Entering address of your Edge Gateway (relayhost)
- Step 4. Adding trusted networks and network hosts (mynetworks)
- Step 5. Finishing integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is enabled)
- Integration through an edge gateway (SMTP verification of recipient email addresses is disabled) with the help of a wizard
- Step 1. Configuring email routing (transport_map)
- Step 2. Entering address of your Edge Gateway (relayhost)
- Step 3. Adding trusted networks and network hosts (mynetworks)
- Step 4. Finishing integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is disabled)
- Configuring MTA settings
- Kaspersky Secure Mail Gateway Monitoring
- Kaspersky Secure Mail Gateway database update
- Upgrading Kaspersky Secure Mail Gateway via the web interface
- Anti-Virus protection
- About Anti-Virus protection
- About computer protection against certain legitimate applications
- About Anti-Virus protection status
- Enabling and disabling Anti-Virus protection of messages
- Enabling and disabling Anti-Virus scanning for a rule
- Configuring Anti-Virus engine settings
- Setting default values for Anti-Virus engine settings
- Configuring actions on messages during Anti-Virus scanning
- Configuring tags added to message subjects after Anti-Virus scanning
- Configuring Anti-Virus scan restrictions and exclusions
- Anti-Spam protection
- About Anti-Spam protection
- About Anti-Spam message scan status labels
- Enabling and disabling Anti-Spam protection of messages
- Enabling and disabling Anti-Spam scanning of messages for a rule
- Configuring Anti-Spam engine settings
- Setting default values for Anti-Spam engine settings
- Configuring the custom DNSBL list for the Anti-Spam engine
- Configuring the custom SURBL list for the Anti-Spam engine
- Configuring Anti-Spam scan settings for a rule
- Configuring Anti-Spam scan actions on messages
- Configuring tags added to message subjects after Anti-Spam scanning
- Anti-Phishing protection
- About Anti-Phishing protection
- About Anti-Phishing message scan status labels
- Enabling and disabling Anti-Phishing protection of messages
- Enabling and disabling Anti-Phishing scanning of messages for a rule
- Configuring Anti-Phishing engine settings
- Setting default values for Anti-Phishing engine settings
- Configuring Anti-Phishing scan actions on messages
- Configuring tags added to message subjects after Anti-Phishing scanning
- Content filtering of messages
- About content filtering
- About message content filtering status labels
- Enabling and disabling content filtering of messages
- Enabling and disabling content filtering of messages for a rule
- Configuring settings of message content filtering for a rule
- Configuring actions to take on messages during content filtering
- Using message processing rules
- About message processing rules
- Creating message processing rules
- Creating a copy of a message processing rule
- Configuring lists of message senders and recipients for a rule
- Deleting message processing rules
- Enabling and disabling a message processing rule
- Changing the message processing rule priority
- Connecting to an LDAP server
- About the connection to an LDAP server
- Connecting to and disconnecting from an LDAP server
- Adding a connection to an LDAP server
- Deleting a connection to an LDAP server
- Enabling and disabling a connection to an LDAP server
- Configuring the connection to an LDAP server
- Configuring the LDAP server connection filters
- Kaspersky Secure Mail Gateway email notifications
- Kaspersky Secure Mail Gateway disclaimers and warnings
- About email disclaimers and insecure message warnings
- Creating a disclaimer or warning template
- Editing a disclaimer or warning template
- Deleting a disclaimer or warning template
- Enabling and disabling message disclaimers for a rule
- Adding a message scanning event disclaimer for a rule
- Adding an insecure message warning for a rule
- Backup
- Message authentication
- About message authentication
- Connecting to a DNS to perform message authentication
- Enabling and disabling SPF message authentication
- Enabling and disabling DKIM message authentication
- Enabling and disabling DMARC message authentication
- Enabling and disabling message authentication for a rule
- Configuring additional SPF message authentication settings for a rule
- Configuring additional DKIM message authentication settings for a rule
- Configuring tags added to message subjects after SPF message authentication
- Configuring tags added to message subjects after DKIM message authentication
- Configuring tags added to message subjects after DMARC message authentication
- Configuring actions on messages during DMARC message authentication
- Configuring detection of TempError during message authentication
- Preparing to configure SPF and DMARC message authentication for outgoing messages
- SMTP verification of recipient email addresses
- DKIM signature for outgoing messages
- About the DKIM signature for outgoing messages
- Enabling and disabling the DKIM signature for outgoing messages
- Creating the DKIM key
- Importing the DKIM key from file
- Deleting the DKIM key
- Preparing to add the DKIM signature to outgoing messages
- Adding the DKIM signature to messages from addresses from a specific domain
- Using the application via the SNMP protocol
- About receiving runtime information via the SNMP protocol
- Enabling and disabling the use of the SNMP protocol in Kaspersky Secure Mail Gateway
- Configuring the connection to the SNMP server
- Enabling and disabling the transmission of SNMP traps
- Enabling and disabling the transmission of SNMP traps for specific events
- Kaspersky Secure Mail Gateway event log
- Kaspersky Secure Mail Gateway operation reports
- About Kaspersky Secure Mail Gateway operation reports
- Generating a custom report
- Enabling and disabling daily reports
- Configuring the daily report
- Enabling and disabling weekly reports
- Configuring the weekly report
- Enabling and disabling monthly reports
- Configuring the monthly report
- Viewing Kaspersky Secure Mail Gateway operation reports
- Deleting Kaspersky Secure Mail Gateway operation reports
- Black and white lists of addresses
- Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
- About using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
- Configuring TLS security for Kaspersky Secure Mail Gateway in Server role
- Configuring TLS security for Kaspersky Secure Mail Gateway in Client role
- Creating a TLS certificate
- Deleting a TLS certificate
- Preparing a self-signed TLS certificate for import
- Preparing to import a TLS certificate signed by a certification authority
- Importing the TLS certificate from file
- Kaspersky Secure Mail Gateway message queue
- Kaspersky Secure Mail Gateway trace log
- Contacting the Technical Support Service
- Glossary
- Anti-Phishing
- Anti-Spam
- Anti-Virus
- Backup
- Directory service
- DKIM message authentication
- DMARC message authentication
- DNSBL
- Email notification
- Heuristic analysis
- Kaspersky Security Network (KSN)
- Key file
- LDAP
- Malicious links
- Phishing
- Probably infected object
- Reputation filtering
- SNMP agent
- SNMP trap
- Spam
- SPF message authentication
- SURBL
- Virtual machine
- AO Kaspersky Lab
- Information about third-party code
- Trademark notices
About this Help
This document provides help on configuring and using the web interface of Kaspersky Secure Mail Gateway.
This Help document is designed for administrators of local area networks and for specialists who are responsible for anti-virus protection of enterprise computers.
This Help document is intended to:
- Provide a readily searchable source of information for questions related to use of the application.
- Describe additional sources of information about the application and ways of receiving technical support.
In this Help
Help includes the following sections:
Sources of information about the application
This section lists the sources of information about the application.
This section contains a brief overview and description of the functionality of the Kaspersky Secure Mail Gateway solution. This section describes the modes of operation of Kaspersky Secure Mail Gateway, hardware and software requirements.
This section covers the main aspects of application licensing.
This section contains information about how to check the level of protection of the mail server and related problems.
Participating in Kaspersky Security Network
This section provides information about participation in Kaspersky Security Network.
Deploying the Kaspersky Secure Mail Gateway virtual machine image
This section provides step-by-step instructions for deploying the image of the Kaspersky Secure Mail Gateway virtual machine on a VMware ESXi host.
Initial configuration of Kaspersky Secure Mail Gateway
This section contains step-by-step instructions on initial configuration of Kaspersky Secure Mail Gateway, which you have to perform after deploying the image of a Kaspersky Secure Mail Gateway virtual machine.
Starting the Kaspersky Secure Mail Gateway virtual machine
This section describes how you can start the Kaspersky Secure Mail Gateway virtual machine.
Connecting to the Kaspersky Secure Mail Gateway web interface
This section provides instructions on connecting to the web interface of Kaspersky Secure Mail Gateway.
Integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure
This section provides instructions on how to integrate Kaspersky Secure Mail Gateway into the corporate mail infrastructure.
This section describes how you can configure the basic settings of the MTA.
Kaspersky Secure Mail Gateway Monitoring
This section provides information on mail traffic monitoring, the latest threats detected, and system resources.
Kaspersky Secure Mail Gateway database update
This section contains information about updating Anti-Virus, Anti-Spam, and Anti-Phishing databases.
Upgrading Kaspersky Secure Mail Gateway via the web interface
This section describes how you can upgrade Kaspersky Secure Mail Gateway via the web interface.
This section contains information about Anti-Virus protection of messages and how to configure it.
This section contains information about Anti-Spam protection of messages and how to configure it.
This section contains information about Anti-Phishing protection of messages and how to configure it.
This section contains information about content filtering of messages and how to configure it.
Using message processing rules
This section contains information about message processing rules, information on how to configure rule settings and configure Kaspersky Secure Mail Gateway settings for each message processing rule.
This section describes how you can connect Kaspersky Secure Mail Gateway to an LDAP server and configure the LDAP server connection settings and filters.
Kaspersky Secure Mail Gateway email notifications
This section contains information about Kaspersky Secure Mail Gateway email notifications and how to configure them.
Kaspersky Secure Mail Gateway disclaimers and warnings
This section contains information about Kaspersky Secure Mail Gateway disclaimers and warnings and instructions on how to configure them.
This section contains information about Backup and how to use it.
This section describes the message authentication technologies used by Kaspersky Secure Mail Gateway and provides instructions on how to configure message authentication.
SMTP verification of recipient email addresses
This section contains information about SMTP authentication of message recipients and how to configure it.
DKIM signature for outgoing messages
This section provides instructions on adding a DKIM signature to outgoing messages.
Using the application via the SNMP protocol
This section provides instructions on using the application via the SNMP protocol and configuring traps for events that occur during operation of Kaspersky Secure Mail Gateway.
Kaspersky Secure Mail Gateway event log
This section contains information about the event log and how to configure it.
Kaspersky Secure Mail Gateway operation reports
This section provides instructions on creating and viewing Kaspersky Secure Mail Gateway operation reports.
Black and white lists of addresses
This section contains information about black and white lists of email addresses that you can create and edit in Kaspersky Secure Mail Gateway.
Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
This section contains information about using the TLS protocol in the operation Kaspersky Secure Mail Gateway and instructions on how to configure the protocol usage settings.
Kaspersky Secure Mail Gateway message queue
This section contains information about Kaspersky Secure Mail Gateway message queues.
Kaspersky Secure Mail Gateway trace log
This section contains information about the Kaspersky Secure Mail Gateway trace log.
Contacting the Technical Support Service
This section describes the ways to get technical support and the terms on which it is available.
Glossary
This section contains a list of terms mentioned in the document and their definitions.
This section provides information about AO Kaspersky Lab.
Information about third-party code
This section provides information about the third-party code used in the application.
This section lists trademarks of third-party manufacturers that are used in the document.
Index
This section allows you to quickly find the required information within the document.
Document conventions
This document uses the following conventions (see table below).
Document conventions
Sample text |
Description of document convention |
|
|---|---|---|
Note that... |
Warnings are highlighted in red and boxed. Warnings show information about actions that may have unwanted consequences. |
|
We recommend that you use... |
Notes are boxed. Notes provide additional and reference information. |
|
|
Examples are given on a yellow background under the heading "Example". |
|
Update means... The Databases are out of date event occurs. |
The following elements are italicized in the text:
|
|
Press ENTER. Press ALT+F4. |
Names of keyboard keys appear in bold and are capitalized. Names of keys that are connected by a + (plus) sign indicate the use of a key combination. These keys have to be pressed simultaneously. |
|
Click the Enable button. |
Names of application interface elements, such as entry fields, menu items, and buttons, are set off in bold. |
|
To configure a task schedule: |
Introductory phrases of instructions are italicized and are accompanied by the arrow sign. |
|
In the command line, type The following message then appears:
|
The following types of text content are set off with a special font:
|
|
<User name> |
Variables are enclosed in angle brackets. Instead of a variable, the corresponding value should be inserted, with angle brackets omitted. |
Sources of information about the application
This section lists the sources of information about the application.
You can select the most suitable information source, depending on the issue's level of importance and urgency.
Sources of information for independent research
You can use the following sources to find information about the application:
- Application page on the Kaspersky Lab website.
- Application page on the Technical Support website (Knowledge Base).
- Kaspersky Secure Mail Gateway web interface help. The web interface lets you manage Kaspersky Secure Mail Gateway through a browser.
- Documentation.
If you cannot find the solution to an issue on your own, we recommend that you contact Technical Support at Kaspersky Lab.
An Internet connection is required to use information sources on the Kaspersky Lab website.
Application page on the Kaspersky Lab website.
The Kaspersky Lab website features an individual page for each application.
On the application page, you can view general information about an application, its functions and features.
The application's Knowledge Base page at the Technical Support Service website.
Knowledge Base is a section on the Technical Support website that provides advice on using Kaspersky Lab applications. The Knowledge Base comprises reference articles grouped by topics.
On the page of the application in the Knowledge Base, you can read articles that provide useful information, recommendations, and answers to frequently asked questions on how to purchase, install, and use the application.
Articles may provide answers to questions that are out of scope of Kaspersky Secure Mail Gateway, being related to other Kaspersky Lab applications. They also may contain news from the Technical Support Service.
Web interface help
Help provides information on managing protection, configuring the application, and performing common user tasks using the web-interface of Kaspersky Secure Mail Gateway (hereinafter the "web interface").
Documentation
The distribution kit includes the Kaspersky Secure Mail Gateway Deployment Guide that will help you install the application and perform initial configuration of the application settings.
Discussing Kaspersky Lab applications on the forum
If your question does not require an immediate answer, you can discuss it with the Kaspersky Lab experts and other users in our forum.
In this forum you can view existing topics, leave your comments, create new topics.
Page topKaspersky Secure Mail Gateway
This section contains information about the Kaspersky Secure Mail Gateway.
About Kaspersky Secure Mail Gateway
Kaspersky Secure Mail Gateway lets you deploy a virtual mail gateway and integrate it into the existing corporate mail infrastructure. An operating system, mail server, and Kaspersky Lab anti-virus application are preinstalled on the virtual mail gateway.
Kaspersky Secure Mail Gateway protects incoming and outgoing email against malware and spam and performs content filtering of messages.
Kaspersky Secure Mail Gateway:
- Scans incoming and outgoing email for spam, phishing, and malware. To respond to new threats promptly, Kaspersky Secure Mail Gateway protection components can use information from Kaspersky Security Network.
- Detects infected messages and disinfects attachments.
- Filters messages with links to malicious objects.
- Detects and blocks mass mailing (including marketing mail-outs).
- Saves backup copies of messages in Backup based on the verdicts of Anti-Virus, Anti-Spam, Anti-Phishing modules and Content filtering.
- Saves messages from Backup to file and delivers messages to recipients.
- Processes mail in accordance with the rules defined for groups of senders and recipients.
- Performs content filtering of messages by the name, type and size of attachment (Kaspersky Secure Mail Gateway can determine the actual format and type of attachment regardless of its extension).
- Lets you use mail filtering rules to specify users and user groups from Microsoft Active Directory and generic LDAP to enable message routing for certain email accounts and user groups.
- Notifies the sender, recipients, and administrator about messages containing objects that are infected, suspicious, password-protected, or cannot be scanned.
- Updates Anti-Virus, Anti-Spam, and Anti-Phishing databases from Kaspersky Lab update servers or custom resources (http and ftp servers) according to schedule or on demand.
- Receives application runtime statistics via the SNMP protocol and lets you configure the application to send SNMP traps when certain events occur.
- Lets you configure the settings and manage the application via a web interface.
- Sends and receives messages via a secure TLS/SSL link.
- Lets you verify the authenticity of senders using SPF, DKIM, and DMARC technologies.
- Lets you sign outgoing email messages with DKIM signatures.
- Lets you add notes to incoming and outgoing messages.
- Adds dangerous attachment warnings to incoming messages.
- Retrieves user information from various domains and grants users access to a personal Backup storage.
- Lets you add, edit or delete information about domains (including local domains) and email addresses, configure Kaspersky Secure Mail Gateway settings for these domains and email addresses and configure email routing.
- Lets you configure TLS security modes for situations when Kaspersky Secure Mail Gateway receives messages from another server (acts in the Server role) or sends messages to another server (acts in the Client role), as well as configure TLS settings for individual domains.
- Lets you monitor the status of email traffic and usage of system resources and view lists of the latest detected threats in the web interface of the application.
- Lets you monitor the program operating capacity via Kaspersky Security Center.
- Lets you view the application event Log and download it to the hard drive.
- Lets you upgrade the system via the web interface of Kaspersky Secure Mail Gateway.
- Lets you quickly configure the MTA using the Quick MTA Setup Wizard.
- Lets you add, change and delete TLS and DKIM encryption keys.
- Lets you generate and view reports on the email message processing rules.
Kaspersky Secure Mail Gateway is distributed in the virtual machine template format OVA (Open Virtual Appliance).
Deployment of the template creates a virtual machine with a preinstalled CentOS 6.7 operating system, a mail server, and Kaspersky Security for Linux Mail Server application (hereinafter also referred to as "Kaspersky Security"). After deploying the virtual machine, you can configure it using the Initial Configuration Wizard.
Kaspersky Secure Mail Gateway interface
Kaspersky Secure Mail Gateway is managed using a web interface.
The web interface window contains the following items:
- The management console tree in the left part of the application web interface window
- The workspace in the right part of the application web interface window
Kaspersky Secure Mail Gateway management console tree
The management console tree displays the sections of Kaspersky Secure Mail Gateway and subsections of functional components of Kaspersky Secure Mail Gateway.
Kaspersky Secure Mail Gateway management console tree displays the following sections:
- Monitoring – a section containing Kaspersky Secure Mail Gateway monitoring data.
- Rules – a section containing message processing rules.
- Domains – a section in which you can add, edit or delete information about domains and email addresses, configure Kaspersky Secure Mail Gateway settings for these domains and email addresses.
- Encryption Keys – a section in which you can add, edit or delete DKIM and TLS encryption keys.
- Backup – a section containing information about message Backup and a filter for finding messages in Backup.
- Message Queue – a section containing information about the message queue of the MTA mail agent and a filter for finding messages in the queue.
- Reports – a section containing reports on the operation of the mail server.
- Settings – a section that lets you configure Kaspersky Secure Mail Gateway settings.
- Quick MTA Setup is a setup wizard that configures the main MTA settings. You can use it to quickly integrate Kaspersky Secure Mail Gateway into your corporate mail infrastructure at the first startup of the Kaspersky Secure Mail Gateway web interface as well as redefine the MTA settings during subsequent startups of the Kaspersky Secure Mail Gateway web interface.
After you complete all steps of the Quick MTA Setup, Kaspersky Secure Mail Gateway resets all values of MTA setting and replaces them with values that you specified in the Quick MTA Setup Wizard.
Workspace of the Kaspersky Secure Mail Gateway web interface window
The workspace contains information about the sections that you select in the management console and control elements for editing the application settings.
Settings in the workspace of the main window are grouped into settings groups for sections that let you manage Kaspersky Secure Mail Gateway settings.
Hardware and software requirements
Software requirements for deploying the Kaspersky Secure Mail Gateway virtual machine image
An image of the Kaspersky Secure Mail Gateway virtual machine can be deployed on the following hypervisors:
- VMware ESXi 5.5 Update 2.
- VMware ESXi 6.0.
Hardware requirements for deploying the Kaspersky Secure Mail Gateway virtual machine image
To support deployment of the Kaspersky Secure Mail Gateway image, the resources allocated for the virtual machine must meet the following requirements:
- E1000 network adapter
- Available disk space: at least 100 GB
- At least 4 GB of RAM
- One quad-core processor
Software requirements for managing Kaspersky Secure Mail Gateway via the web interface
To run the web interface, one of the following web browsers must be installed on the computer:
- Mozilla Firefox version 38.0.5 (39) or later
- Internet Explorer version 11 or later
- Google Chrome version 43 or later
Distribution kit
The application is available from online stores of Kaspersky Lab (for example, http://www.kaspersky.com, in the eStore section) and from partner companies.
The content of the distribution kit may differ depending on the region in which the application is distributed.
If Kaspersky Secure Mail Gateway is purchased through an online store, the application is copied from the store's website. Information that is required for activating the application will be sent to you by email after your payment has been received.
Page topModes of operation of Kaspersky Secure Mail Gateway
Kaspersky Secure Mail Gateway can run in normal mode, limited traffic mode, or certified mode.
In normal mode, Kaspersky Secure Mail Gateway is allowed to access the Internet and connect to the following servers outside the IT infrastructure of your organization:
In limited traffic mode, Kaspersky Secure Mail Gateway is not allowed to access the Internet and connect to servers outside the IT infrastructure of your organization.
In limited traffic mode, the settings of Kaspersky Secure Mail Gateway components that require Internet access take the following values by default:
- KSN usage is disabled.
- SPF, DKIM, and DMARC message authentication is disabled. Connection to DNS servers is prohibited.
- The Enforced Anti-Spam Updates service is disabled in the settings of the Anti-Spam component.
- Kaspersky Secure Mail Gateway receives database updates from Kaspersky Security Center or a local source of Kaspersky Secure Mail Gateway database updates.
In certified mode, Kaspersky Secure Mail Gateway is not allowed to access the Internet and connect to servers outside the IT infrastructure of your organization. Besides, when Kaspersky Secure Mail Gateway operates in certified mode, the administrator is not allowed to view the event Log from the administrator's menu of Kaspersky Secure Mail Gateway Administration Console.
You can select the certified mode of operation of Kaspersky Secure Mail Gateway when deploying the image of a Kaspersky Secure Mail Gateway virtual machine.
Kaspersky Secure Mail Gateway traffic limit
To switch Kaspersky Secure Mail Gateway to limited traffic mode:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the KSN Statement link to open the KSN Statement window.
- Select Do not accept.
- Click the Apply button.
The KSN Statement window closes.
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Allow connection to DNS server link to open the External services window.
- In the list to the right of the name of the Allow connection to DNS server setting, select No.
- Click the Apply button.
The External Services window closes.
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Application database update settings section, click the Update source link to open the Application database update settings window.
- In the Update source section, select Kaspersky Security Center.
- Clear the If inaccessible, use Kaspersky Lab servers check box.
- Click OK.
The Application Database Update Settings window closes.
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click any of the following links: Use KSN, Use enforced Anti-Spam Updates Service, Use reputation filtering, or Maximum scanning time to open the Anti-Spam settings window.
- In the External Services section, select No in the Use enforced Anti-Spam Updates Service drop-down list.
- Click the Apply button.
The Anti-Spam settings window closes.
Kaspersky Secure Mail Gateway starts running in limited traffic mode.
About the End User License Agreement
The End User License Agreement is a binding agreement between you and AO Kaspersky Lab, stipulating the terms on which you may use the application.
Read through the terms of the End User License Agreement carefully before you start using the application.
You can view the terms of the License Agreement in the following ways:
- During installation of Kaspersky Secure Mail Gateway.
- By reading the license.txt file. This file is included in the application's distribution kit.
By confirming that you agree with the End User License Agreement when installing the application, you signify your acceptance of the terms of the End User License Agreement. If you do not accept the terms of the End User License Agreement, you must abort application installation and must not use the application.
Page topAbout the license
A license is a time-limited right to use the application, granted under the End User License Agreement.
A current license entitles you to the following kinds of services:
- Use of the application in accordance with the terms of the End User License Agreement
- Getting technical support
The scope of services and application usage term depend on the type of license under which the application is activated.
The following license types are provided:
- Trial – a free license intended for trying out the application.
A trial license is usually of limited duration. As soon as the license expires, all Kaspersky Secure Mail Gateway features are disabled. To continue using the application, you need to purchase a commercial license.
You can activate the application under a trial license only once.
- Commercial – a pay-for license that is provided when you buy the application.
When the commercial license expires, the application continues running with limited functionality (for example, Kaspersky Secure Mail Gateway database updates are not available). To continue using Kaspersky Secure Mail Gateway in fully functional mode, you must renew your commercial license.
We recommend renewing the license before its expiration to ensure maximum protection of your computer against security threats.
Page topAbout the license certificate
The License Certificate is a document provided with the key file.
The License Certificate contains the following license information:
- License number
- Details of the license holder
- Information about the application that can be activated using the license
- Limitation on the number of licensing units (devices on which the application can be used under the license)
- License start date
- License expiration date or license validity period
- License type
About the key
A key is a sequence of bits with which you can activate and subsequently use the application in accordance with the terms of the End User License Agreement (license type, license term, and licensing restrictions).
A key is generated by Kaspersky Lab. After you add a key to the application, the key is displayed in the application interface as a unique alphanumeric sequence. You can add a key to the application by using a key file.
Kaspersky Lab can black-list a key over violations of the End User License Agreement. If the key has been black-listed, you have to add a different key to continue using the application.
There are two types of keys: active and additional.
An active key is the key that is currently used by the application. A trial or commercial license key can be added as the active key. The application cannot have more than one active key.
An additional key is a key that entitles the user to use the application, but is not currently in use. An additional key automatically becomes active when the license associated with the current active key expires. An additional key can be added only if the active key is available.
A key for a trial license can be added only as the active key. A key for a trial license cannot be added as an additional key.
An additional key can be added only if the active key is available.
Kaspersky Secure Mail Gateway uses keys of the following types:
- Fully-functional key. When a key is added, the application works in full-functionality mode, performing scans for spam, phishing, viruses and other types of malware.
- Key for Anti-Virus protection. When this key is added, the application scans messages for viruses and other threats but does not scan messages for spam. The status label assigned by the application to a message following a spam scan contains information about limited functionality.
- Key for Anti-Spam and Anti-Phishing protection. When this key is added, the application scans messages for spam and phishing but does not scan messages for viruses and other threats. The status label assigned by the application to a message following a scan for viruses and other threats contains information about limited functionality.
The type of additional key should match the type of the previously added active key. If the type of the additional key does not match the type of a previously added active key, the available application functionality changes in accordance with the type of the additional key when the additional key becomes active.
Anti-Spam and Anti-Virus databases are updated regardless of key type.
About the key file
A key file is a file with the .key extension that you receive from Kaspersky Lab. Key files are designed to activate the application by adding a key.
You receive a key file at the email address that you provided when you bought Kaspersky Secure Mail Gateway or ordered the trial version of Kaspersky Security.
You do not need to connect to Kaspersky Lab activation servers in order to activate the application with a key file.
You can recover a key file if it is accidentally deleted. You may need a key file to register with Kaspersky CompanyAccount.
To recover a key file, do one of the following:
- Contact your license distributor
- Obtain a key file on the Kaspersky Lab website based on your existing activation code.
About data provision
Kaspersky Secure Mail Gateway operates with the use of data whose transmission and processing requires the consent of the Kaspersky Secure Mail Gateway administrator.
You can view the list of data and the terms on which it is used as well as give consent to data processing in the following agreements between your organization and Kaspersky Lab:
- In the End User License Agreement (for example, when installing Kaspersky Secure Mail Gateway or upgrading the system in the Settings section, System Upgrade subsection of the main window of the Kaspersky Secure Mail Gateway web interface).
According to the terms of the End User License Agreement that you have accepted, you consent to the automatic transmission to Kaspersky Lab of the information enumerated in the License Agreement under Data Submission. This information is needed to improve the level of mail server security.
- In the KSN Statement.
When you participate in Kaspersky Security Network, information obtained as a result of Kaspersky Secure Mail Gateway operation is automatically sent from the computer to Kaspersky Lab. The KSN Statement specifies the list of data that is transmitted.
Kaspersky Lab protects any information received in this way as prescribed by law and applicable rules of Kaspersky Lab.
Kaspersky Lab uses any retrieved information in anonymized form and as general statistics only. General statistics are automatically generated using original collected information and do not contain any private data or other confidential information. The original information received is destroyed as new information is accumulated (once a year). General statistics are stored indefinitely.
User data may be present in the following Kaspersky Secure Mail Gateway components:
- Message queue (file names, email addresses of message senders and recipients, message texts).
- Backup (file names, email addresses of message senders and recipients, message texts).
- Kaspersky Secure Mail Gateway operation reports (file names, email addresses of message senders and recipients).
- Kaspersky Secure Mail Gateway event log (email addresses of message senders and recipients, names of attachment files, IP addresses of computers of message senders).
- Trace files (files names, paths to files, proxy server names, user account data, IP addresses of computers that connect to Kaspersky Secure Mail Gateway database update sources, names and IP addresses of update sources, information about files downloaded and the download speed).
- Files storing settings of the connection to the LDAP server and proxy server (data of LDAP server and proxy server user accounts).
When Kaspersky Secure Mail Gateway connects to DNS, SURBL, and DNSBL servers, Kaspersky Secure Mail Gateway uses IP addresses and FQDN names of domains that contact these servers.
Managing Kaspersky Secure Mail Gateway via the administration console of Kaspersky Secure Mail Gateway in Technical Support Mode with super-user account privileges lets you manage dump settings. A dump is generated during application crashes and may be needed to analyze the causes of the crash. The dump may include any data, including fragments of messages and files analyzed.
The corporate LAN administrator is responsible for access to this information.
By default, dump generation in Kaspersky Secure Mail Gateway is disabled.
Data of the email message queue currently being processed by Kaspersky Secure Mail Gateway as well as data of LDAP server and proxy server user accounts are stored in Kaspersky Secure Mail Gateway in unencrypted form.
Such data can be accessed from the Kaspersky Secure Mail Gateway Administration Console in Technical Support Mode with super-user account privileges.
The administrator of Kaspersky Secure Mail Gateway must personally ensure the security of such data.
The administrator of Kaspersky Secure Mail Gateway is responsible for access to this information.
Data about events and processes of Kaspersky Secure Mail Gateway is logged and stored in the following Kaspersky Secure Mail Gateway logs:
- Event log
- Trace log
Viewing information about the license and added keys
To viewing information about the license and added keys,
in the main window of the application web interface, open the management console tree and select the Settings section and Licensing subsection.
The following key details appear in the Active key section of the workspace:
- Alphanumeric sequence of the key
- Key status
- License type
- Number of users
- Application activation date
- Key expiration date
- Number of days until key expiration
Adding a key
To add a key:
- In the main window of the application web interface, open the management console tree and select the Settings section and Licensing subsection.
- Click the Add button.
The Add a key window opens.
- Click the Browse button.
The file selection window opens.
- Select the key file that you want to add.
- Click OK.
Once added, a key can have active or additional status. The first key to be added automatically becomes active. You can use the application as soon as you add an active key.
After adding an active key, you can add an additional key. The additional key automatically becomes active on expiration of the license. This ensures that protection is maintained in the period between expiration and renewal of the license.
Removing a key
To remove a key:
- In the main window of the application web interface, open the management console tree and select the Settings section and Licensing subsection.
- In the workspace of the window, select the check box next to the key that you want to delete.
- Click the Delete button.
The Remove key window opens.
- Click Yes.
The selected key is removed.
If you remove the active key and an additional key has been added for Kaspersky Secure Mail Gateway, the additional key automatically becomes active.
If you remove the active and additional keys, you cannot use the application functionality available under your license.
Modes of Kaspersky Secure Mail Gateway operation under license
Kaspersky Secure Mail Gateway can operate in various modes depending on the license.
Unlicensed
Kaspersky Secure Mail Gateway runs in this mode from the time when you install the application and start its web interface and until you add an active key.
Kaspersky Secure Mail Gateway does not scan email messages in Unlicensed mode.
Trial license
In this mode, Kaspersky Secure Mail Gateway scans email messages and updates databases.
When the trial license key expires, Kaspersky Secure Mail Gateway stops scanning email messages and updating databases.
In order for Kaspersky Secure Mail Gateway to resume operation, you have to install a commercial license key.
Commercial license
In this mode, Kaspersky Secure Mail Gateway scans email messages and updates databases.
When the commercial license key expires, Kaspersky Secure Mail Gateway continues scanning email messages but stops updating databases.
To resume database updates, add a new commercial license key or renew the existing commercial license key.
Kaspersky Secure Mail Gateway supports the following types of commercial license keys:
- Fully-functional key. When a key is added, the application works in full-functionality mode, performing scans for spam, phishing, viruses and other types of malware.
- Key for Anti-Virus protection. When this key is added, the application scans messages for viruses and other threats but does not scan messages for spam. The status label assigned by the application to a message following a spam scan contains information about limited functionality.
- Key for Anti-Spam and Anti-Phishing protection. When this key is added, the application scans messages for spam and phishing but does not scan messages for viruses and other threats. The status label assigned by the application to a message following a scan for viruses and other threats contains information about limited functionality.
Black list of keys
A key can be added to the black list of keys in a number of cases. If this has happened, Kaspersky Secure Mail Gateway stops scanning email messages but continues attempts to update databases in case the key is removed from the black list of keys.
As soon as the key has been removed from the black list of keys, Kaspersky Secure Mail Gateway resumes scanning of email messages in accordance with the valid license.
After scanning of email messages in Kaspersky Secure Mail Gateway is disabled, the following functionality remains available: the mail transfer agent (MTA), the connection to the LDAP server, the event log, and Kaspersky Secure Mail Gateway operation reports. You also have access to all Kaspersky Secure Mail Gateway settings (except the protection settings) via the web interface.
Notification about license expiration
The application checks the license validity period after each update. When the number of days specified in the Send notification setting remains until license expiration, the application starts sending notifications to the email addresses of Kaspersky Secure Mail Gateway administrator.
By default, the application starts sending license expiration notifications 30 days before license expiration.
License expiration notifications are sent once a day.
The application stops sending license expiration notifications in the following cases:
- You have added a key whose validity period exceeds the validity period of the previous key and the value of the Send notification setting.
- License has expired. In this case, the application sends a notification that the license has expired.
To configure the start date for sending notifications, edit the header or text of the notification about an expiring license:
- In the main window of the application web interface, open the management console tree and select the Settings section and Notifications subsection.
- In the License expires soon section, click any link to open the Notification settings window.
- In the Subject field, type the header of the expiring license notification.
- In the Message field, type the text of the expiring license notification.
- In the Send notification list, specify the number of days until license expiry that you want to start receiving the notification.
- Click the Save button.
The Notification settings window closes.
To enable or disable delivery of license expiration notifications:
- In the main window of the application web interface, open the management console tree and select the Settings section and Notifications subsection.
- In the License expires soon section, do one of the following:
- Flip on the toggle switch next to the name of the License expires soon group of settings if you want to enable delivery of license expiration notifications.
- Flip off the toggle switch next to the name of the License expires soon group of settings if you want to disable delivery of license expiration notifications.
If an additional key is installed in the application, the notification is not sent. After the expiry of the active key, the additional key automatically becomes active.
If the additional key validity period expires before the application is configured to start sending notifications, the first notification is sent at the time when the active key is replaced with the additional key.
Mail server protection status
In the Monitoring section of the Kaspersky Secure Mail Gateway web interface, the following information on the status of mail server protection is displayed in the right part of the workspace:
- Status of operation of the Anti-Spam, Anti-Virus, and Anti-Phishing engines
- Information about the last update of Anti-Virus databases and Anti-Spam databases as well as information on whether or not the databases of the Anti-Spam, Anti-Virus, and Anti-Phishing modules are current
- Status of the connection to LDAP servers
- License validity period and a license expiration notification if the license is about to expire
- Information about the status of transmission and reception of messages by the MTA.
If you have activated the application, the Anti-Spam, Anti-Virus, and Anti-Phishing modules are enabled by default, and message transmission and receipt is enabled for the MTA mail agent.
Participating in Kaspersky Security Network
This section provides information about participation in Kaspersky Security Network.
About participation in Kaspersky Security Network
To protect your computer more effectively, Kaspersky Secure Mail Gateway uses data that is collected from users around the globe. Kaspersky Security Network is designed for gathering this data.
Kaspersky Security Network (KSN) is an infrastructure of cloud services providing access to Kaspersky Lab's online knowledge base with information about the reputation of files, web resources, and software. Data from Kaspersky Security Network ensures faster response by Kaspersky Secure Mail Gateway to new threats, improves the performance of some protection components, and reduces the risk of false positives.
Thanks to users who participate in Kaspersky Security Network, Kaspersky Lab is able to promptly gather information about types and sources of new threats, develop solutions for neutralizing them, and minimize the number of false positives.
When you participate in Kaspersky Security Network, certain statistics collected while Kaspersky Secure Mail Gateway is running are sent to Kaspersky Lab automatically. Files or their parts which may be exploited by intruders to harm the computer or data can be also sent to Kaspersky Lab to be examined additionally.
No personal data is collected, processed, or stored. The types of data that Kaspersky Secure Mail Gateway sends to Kaspersky Security Network are described in the KSN Statement.
Participation in Kaspersky Security Network is voluntary. The decision to participate in Kaspersky Security Network is taken during installation of Kaspersky Secure Mail Gateway, and can be changed at any time.
Configuring participation in Kaspersky Security Network
To accept or reject participation in Kaspersky Security Network:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the KSN Statement link to open the KSN Statement window.
- Read the Kaspersky Security Network Statement and select one of the following options:
- Accept if you want to participate in Kaspersky Security Network.
- Do not accept if you do not want to participate in Kaspersky Security Network.
- Click the Apply button.
The KSN Statement window closes.
- In the External services section, click the KSN timeout link to open the External services window.
- In the External services settings group, in the KSN timeout field specify the maximum KSN timeout in seconds. You can specify a value in the range from 1 to 300 seconds.
The default value is 10 seconds.
- Click the Apply button.
Deploying the Kaspersky Secure Mail Gateway virtual machine image
This section provides step-by-step instructions for deploying the image of the Kaspersky Secure Mail Gateway virtual machine on a VMware ESXi host.
Preparing to deploy
Before deploying the image of the Kaspersky Secure Mail Gateway virtual machine, verify that the VMware ESXi version and hardware resources allocated for the virtual machine meet the software and hardware requirements.
Step 1. Selecting a virtual machine image
The Kaspersky Secure Mail Gateway virtual machine image is distributed in an OVF package.
To deploy the virtual machine image from the OVF package:
- Start VMware vSphere Client.
- In the File menu, select Deploy OVF Template (see figure below).
Deploying a virtual machine out of an OVF template
The Deploy OVF Template window opens (see figure below).
Selecting a template to deploy
- In the Deploy OVF Template window, select a file with the OVA extension, which contains the image of the Kaspersky Secure Mail Gateway virtual machine.
- Click Next.
The Wizard proceeds to the next step.
Step 2. Viewing details of the virtual machine image
To view the details of the Kaspersky Secure Mail Gateway virtual machine image:
- View the details of the virtual machine image selected at the previous step (see figure below).
Viewing details of the virtual machine image
- Click Next.
The Wizard proceeds to the next step.
Step 3. Reviewing the License Agreement
To continue the deployment process, you have to accept the terms of the End User License Agreement. Deployment will not continue if the terms of the End User License Agreement are not accepted.
To accept the terms of the End User License Agreement:
- In the Deploy OVF Template window (see figure below), click Accept.
Reviewing the License Agreement
- Click Next.
The Wizard proceeds to the next step.
Step 4. Naming the virtual machine
To name the Kaspersky Secure Mail Gateway virtual machine image:
- Type the name of the virtual machine in the Name field (see figure below).
The name must be unique among the names of all existing virtual machines.
Naming the virtual machine
- Click Next.
The Wizard proceeds to the next step.
Step 5. Selecting a destination storage for the virtual machine
To select a destination storage of the VMware ESXi host to store files of the Kaspersky Secure Mail Gateway virtual machine:
- Select a destination storage in the list (see figure below).
Selecting a destination storage for the Kaspersky Secure Mail Gateway virtual machine
- Click Next.
The Wizard proceeds to the next step.
Step 6. Selecting a storage option for virtual machine files
To select a storage option for files of the Kaspersky Secure Mail Gateway virtual machine in the destination storage of the VMware ESXi host:
- Select one of the following list options (see figure below):
- Thick Provision Lazy Zeroed. The specified disk space is immediately reserved for virtual machine files. Data blocks inside the allocated space are overwritten with virtual machine data as they are accessed.
- Thick Provision Eager Zeroed. The specified disk space is immediately reserved for virtual machine files. Data blocks of the disk space are cleared immediately.
- Thin Provision. The minimum required disk space is reserved for virtual machine files. This disk space can be increased if necessary.
We recommend using one of the Thick Provision options.
Selecting a storage option for files
- Click Next.
The Wizard proceeds to the next step.
Step 7. Starting and finishing deployment of the virtual machine image
To start deploying a virtual machine image and verify that deployment has finished correctly:
- Verify that the virtual machine settings configured at previous steps are correct (see figure below).
Viewing deployment settings
- Select the Power on after deployment check box if you want the virtual machine to start automatically after deployment.
- If all settings are configured correctly, click the Finish button.
The virtual machine image deployment process starts (see figure below):
Progress of virtual machine deployment
- Select the Close this dialog when completed check box if you want the virtual machine image deployment progress window to close automatically as soon as deployment finishes.
- Click Close(see figure below) when deployment finishes.
Finishing virtual machine deployment
After deploying the virtual machine image, perform initial configuration of the virtual machine.
Initial configuration of Kaspersky Secure Mail Gateway
Perform initial configuration of the Kaspersky Secure Mail Gateway virtual machine image after deploying it.
Initial configuration of the virtual machine is a sequence of steps. The Initial Configuration Wizard of Kaspersky Secure Mail Gateway is started automatically when the virtual machine is powered on for the first time.
Preparing for initial configuration
To begin initial configuration of the Kaspersky Secure Mail Gateway virtual machine:
- Start VMware vSphere Client.
- Select a Kaspersky Secure Mail Gateway virtual machine in the list of virtual machines in the left part of the main application window.
- Power on the virtual machine by clicking the
button on the control panel of the main application window. - Open the VMware vSphere Client console by selecting the Console tab in the right part of the main application window (see figure below) and follow the steps of the wizard.
Opening the VMware vSphere Client console
Step 1. Selecting the End User License Agreement language
To set the language in which the texts of the End User License Agreement for Kaspersky Secure Mail Gateway and the Kaspersky Security Network Statement will be displayed:
- Select a language in the list (see figure below).
Selecting the language for viewing the End User License Agreement of Kaspersky Secure Mail Gateway and the KSN Statement
The available languages depend on the localization packages included in your Kaspersky Secure Mail Gateway distribution kit.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 2. Reviewing the License Agreement
At this step, you have to accept or reject the terms of the Kaspersky Secure Mail Gateway End User License Agreement (see figure below). Use the arrow buttons to navigate the text.
Reviewing the License Agreement
To accept or reject the terms of the End User License Agreement:
- Select one of the following options:
- I do not accept the agreement if you want to reject the terms of the End User License Agreement.
- I accept the agreement if you want to accept the terms of the End User License Agreement.
- Press Enter.
If you rejected the terms of the End User License Agreement, initial configuration of Kaspersky Secure Mail Gateway is aborted. The Initial Configuration Wizard prompts you to power down the virtual machine (see figure below):
Powering down the virtual machine if the End User License Agreement has been rejected
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step if you accept the terms of the End User License Agreement.
Step 3. Selecting the mode of operation of Kaspersky Secure Mail Gateway
At this step you have to select the mode of operation of Kaspersky Secure Mail Gateway within the IT infrastructure of your organization.
Kaspersky Secure Mail Gateway can run in normal mode or in certified mode.
In normal mode, Kaspersky Secure Mail Gateway is allowed to access the Internet and connect to the following servers outside the IT infrastructure of your organization:
In certified mode, Kaspersky Secure Mail Gateway is not allowed to access the Internet and connect to servers outside the IT infrastructure of your organization. Besides, when Kaspersky Secure Mail Gateway operates in certified mode, the administrator is not allowed to view the event Log from the Kaspersky Secure Mail Gateway administrator's menu.
In certified mode, the settings of Kaspersky Secure Mail Gateway components that require Internet access take the following values by default:
- KSN usage is disabled.
- SPF, DKIM, and DMARC message authentication is disabled. Connection to DNS servers is prohibited.
- The Enforced Anti-Spam Updates service is disabled in the settings of the Anti-Spam component.
- Kaspersky Secure Mail Gateway receives database updates from Kaspersky Security Center or a local source of Kaspersky Secure Mail Gateway database updates.
To select the operation mode of Kaspersky Secure Mail Gateway:
- Select one of the following options for switching Kaspersky Secure Mail Gateway to certified mode of operation (see figure below):
- No, if you do not want to switch Kaspersky Secure Mail Gateway to certified mode of operation and want Kaspersky Secure Mail Gateway to run in normal mode.
- Yes, if you want to switch Kaspersky Secure Mail Gateway to certified mode of operation.
Switching Kaspersky Secure Mail Gateway to certified mode of operation
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 4. Configuring participation in Kaspersky Security Network
If you have selected the regular mode of operation of Kaspersky Secure Mail Gateway, the initial configuration wizard of Kaspersky Secure Mail Gateway prompts you to accept or reject the terms of participation in Kaspersky Security Network (KSN).
Kaspersky Security Network (KSN) is an infrastructure of cloud services providing access to Kaspersky Lab's online knowledge base with information about the reputation of files, web resources, and software. Data from Kaspersky Security Network ensures faster response by Kaspersky Secure Mail Gateway to new threats that have not been added to the antivirus databases yet, improves the performance of some protection components, and reduces the risk of false alarms.
Thanks to users who participate in Kaspersky Security Network, Kaspersky Lab is able to promptly gather information about types and sources of threats, develop solutions for neutralizing them, and minimize the number of false positives. In addition, participation in Kaspersky Security Network provides you with access to information about the reputation of various applications and websites.
If you participate in Kaspersky Security Network, Kaspersky Secure Mail Gateway performance statistics are submitted to Kaspersky Lab. These statistics are sent automatically.
No personal data is collected, processed, or stored.
Participation in Kaspersky Security Network is voluntary. The decision on whether or not to participate in Kaspersky Security Network is made during initial configuration of Kaspersky Secure Mail Gateway. However, you can change your decision later at any time.
The text of the Kaspersky Security Network Statement is displayed on the screen of the virtual machine console (see figure below). Use the arrow buttons to navigate the text. The text of the Kaspersky Security Network Statement is displayed in the language selected at Step 1.
Viewing the Kaspersky Security Network Statement
To accept or decline participation in Kaspersky Security Network:
- Select one of the following options:
- I do not agree to participate in Kaspersky Security Network if you want to decline participation in Kaspersky Security Network.
- I agree to participate in Kaspersky Security Network if you want to accept participation in Kaspersky Security Network.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 5. Selecting the input language for Kaspersky Secure Mail Gateway
To configure the input language to be used when managing Kaspersky Secure Mail Gateway:
- Select the input language in the list (see figure below).
Selecting the input language
- Click OK.
The virtual machine Initial Configuration Wizard proceeds to the next step.
Step 6. Setting the time zone
To set a time zone for Kaspersky Secure Mail Gateway:
- Select a country from the list displayed on the screen of the VMware vSphere Client console (see figure below).
Selecting a country when setting the time zone
- Press Enter.
A list of time zones available for the selected country is displayed (see figure below).
Selecting the time zone
- Select a time zone.
- Press Enter.
A time zone selection confirmation window opens (see figure below).
Confirming time zone selection
- If the time zone has been selected correctly, click Yes.
The Initial Configuration Wizard of Kaspersky Secure Mail Gateway proceeds to the next step.
Step 7. Assigning the host name (myhostname)
To specify the name of the Kaspersky Secure Mail Gateway host to be used by DNS servers (myhostname):
- In the hostname field, enter the full domain name of the Kaspersky Secure Mail Gateway server (see figure below).
Specify the server name in FQDN format (for example: host.domain.com or host.domain.subdomain.com).
Assigning the host name
- Click OK.
After you have assigned the Kaspersky Secure Mail Gateway host name, the virtual machine attempts to acquire the network settings automatically using the DHCP server and download Kaspersky Secure Mail Gateway databases.
The Initial Configuration Wizard of Kaspersky Secure Mail Gateway proceeds to the next step.
Step 8. Configuring the network interface
At this step, configure the settings of the Kaspersky Secure Mail Gateway network interface: enable or disable the network interface, assign the IP address and network mask.
Enabling and disabling the network interface
At least one network interface has to be enabled to make configuration of Kaspersky Secure Mail Gateway possible. You may have to disable a network interface if you are using several network interfaces and want to disable one of them temporarily.
To disable a network interface:
- Select the Enabled setting (see figure below).
Enabling and disabling the network interface
- Press Enter.
The value of the Enabled setting changes to no.
- Proceed to assign the IP address and network mask (Assigning the IP address and network mask using the DHCP server, Assigning a static IP address and network mask) to finish configuring the network interface.
To enable a network interface:
- Make sure that value of the Enabled setting is set to yes.
The network interface is enabled by default.
- Proceed to assign the IP address and network mask (Assigning the IP address and network mask using the DHCP server, Assigning a static IP address and network mask) to finish configuring the network interface.
Assigning the IP address and network mask using the DHCP server
To assign the IP address and network mask using the DHCP server:
- Make sure that the value of the Use DHCP setting is set to yes (see figure below).
You may need to use the DHCP server for assigning the IP address and network mask if you are configuring Kaspersky Secure Mail Gateway in test mode.
The use of the DHCP server for assigning the IP address and network mask is enabled by default.
Assigning the IP address and network mask using the DHCP server
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Assigning a static IP address and network mask
To assign a static IP address and network mask:
- Select the Use DHCP setting (see figure below).
Assigning a static IP address and network mask is recommended if you are configuring Kaspersky Secure Mail Gateway in production mode.
Assigning a static IP address and network mask
- Press Enter.
A window opens prompting you to confirm assignment of static settings for the network interface (see figure below).
Confirming assignment of static settings for the network interface
- Click Yes.
A window for entering the static IP address and network mask opens (see figure below).
Specifying a static IP address and network mask
- In the Address field, type the IP address that you want to assign for Kaspersky Secure Mail Gateway.
- In the Netmask field, type the mask of the network on which you are using Kaspersky Secure Mail Gateway.
- Click OK.
The Initial Configuration Wizard of Kaspersky Secure Mail Gateway returns to the network interface configuration window (see figure below).
Finishing configuration of the network interface
- Verify that the network settings are correct.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 9. Configuring network routes
At this step, assign the gateway address for configuring the network route. You can also add, delete, or modify additional static network routes at this step.
Assigning a gateway address using the DHCP server
To assign the gateway address using the DHCP server:
- Make sure that the value of the Gateway setting is set to dhcp (see figure below).
You may need to use the DHCP server for assigning the gateway address if you are configuring Kaspersky Secure Mail Gateway in test mode.
The use of the DHCP server for assigning the gateway address is enabled by default.
Assigning a gateway address using the DHCP server
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Assigning a static gateway address
To assign a static gateway address:
- Select the Gateway setting (see figure below).
Assigning a static gateway address
- Press Enter.
- If at the previous step of initial configuration of Kaspersky Secure Mail Gateway you chose to use the DHCP server for configuring the network interface, click Yes in the window prompting you to confirm assignment of the static gateway address (see figure below).
Confirming assignment of a static gateway address
A window for entering the static gateway address opens (see figure below).
Specifying a static gateway address
- Type the gateway address in the Gateway field.
- Click OK.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine returns to the network routes configuration window (see figure below).
Finishing the configuration of network routes
- Make sure that the network route settings have been configured correctly.
To modify, delete, or add additional static routes, proceed to configuring additional static network routes.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Adding an additional static route
To add an additional static network route:
- Select the Edit static routes setting (see figure below).
Configuring additional static network routes
- Press Enter.
A window for select additional static route configuration options opens (see figure below).
Adding a new static route
- Select New route.
- Press Enter.
A window for entering the static route settings opens (see figure below).
Specifying static route settings
- In the Address field, enter the IP address of the static route.
- In the Netmask field, enter the mask of the static route network.
- Type the gateway address in the Gateway field.
- Click OK.
A window opens, letting you select the network interface for which you want to configure the static route (see figure below).
Selecting the network interface of the static route
- Select a network interface.
- Press Enter.
A window with a list of additional static routes opens (see figure below).
List of additional static network routes
- Select Go back.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine returns to the network routes configuration window (see figure below).
Finishing the configuration of network routes
- Make sure that the network route settings have been configured correctly.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Modifying an additional static route
To modify an additional static route:
- Select the Edit static routes setting (see figure below).
Configuring additional static network routes
- Press Enter.
A window with a list of additional static routes opens (see figure below).
List of additional static network routes to modify
- Select an additional static network route that you want to modify.
- Press Enter.
- A window for entering the static route settings opens (see figure below).
Specifying static route settings
- Make changes in the Address field to modify the IP address of the static route.
- Make changes in the Netmask field to modify the mask of the static route network.
- Make changes in the Gateway field to modify the gateway address.
- Click OK.
A window opens, letting you select the network interface for which you want to configure the static route (see figure below).
Selecting the network interface of the static route
- Select a network interface.
- Press Enter.
A window with a list of additional static routes opens (see figure below).
List of additional static network routes
- Select Go back.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine returns to the network routes configuration window (see figure below).
Finishing the configuration of network routes
- Make sure that the network route settings have been configured correctly.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Deleting an additional static route
To delete an additional static route:
- Select the Edit static routes setting (see figure below).
Configuring additional static network routes
- Press Enter.
A window with a list of additional static routes opens (see figure below).
Removing additional static network routes
- Select Delete routes.
- Press Enter.
- A window for selecting the static route to delete opens (see figure below).
Selecting a static route to delete
- Select the route that you want to delete.
- Click the Delete button.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine returns to the window with a list of additional static routes that remain after deletion or, if you have deleted all additional routes, displays a window where you can select the action to take on the routes (see figure below).
Selecting the action to perform after all static routes have been removed
- Select Go back.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine returns to the network routes configuration window (see figure below).
Finishing the configuration of network routes
- Make sure that the network route settings have been configured correctly.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 10. Configuring DNS settings
At this step, configure the DNS settings of the Kaspersky Secure Mail Gateway virtual machine.
Assigning DNS addresses using the DHCP server
To assign the DNS address using the DHCP server:
- Select the name of your network interface (for example: eth0) in the list of settings for using the DHCP server for assigning DNS addresses (see figure below) .
You may need to use the DHCP server for assigning DNS addressed if you are configuring Kaspersky Secure Mail Gateway in test mode.
Enabling the use of the DHCP server for assigning DNS addresses
- Press Enter.
A window for configuring DNS settings with the use of the DHCP server opens (see figure below).
Finishing configuration of DNS settings with the use of the DHCP server
- Make sure that the values of the Search list, Primary DNS, Secondary DNS settings are set to dhcp.
- Select Continue.
- Press Enter.
A window with the settings of the Kaspersky Secure Mail Gateway network opens (see figure below).
Kaspersky Secure Mail Gateway network settings
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine restarts the virtual machine with the new values of settings and proceeds to the next step.
Assigning static DNS addresses
To assign static DNS addresses:
- Select no in the list of settings for using the DHCP server for assigning DNS addresses (see figure below) .
Assigning static DNS addresses is recommended if you are configuring Kaspersky Secure Mail Gateway in production mode.
Disabling the use of the DHCP server for assigning DNS addresses
- Press Enter.
A window for entering static DNS addresses opens (see figure below).
Specifying static DNS addresses
- In the Search list field, type the DNS suffix that you want to use with Kaspersky Secure Mail Gateway.
- In the Primary field, type the IP address of the primary DNS server in IPv4 format.
- In the Secondary field, type the IP address of the secondary DNS server in IPv4 format.
- Click OK.
A window for configuring static DNS settings opens (see figure below).
Finishing configuration of static DNS settings
- Verify that the DNS settings are correct.
- Select Continue.
- Press Enter.
A window with the settings of the Kaspersky Secure Mail Gateway network opens (see figure below).
Kaspersky Secure Mail Gateway network settings
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine restarts the virtual machine with the new values of settings and proceeds to the next step.
Step 11. Setting the web interface administrator password
To set an administrator's password for accessing the web interface (Administrator account):
- Type any characters in the Test input field to check the keyboard layout.
- In the Password field, type the administrator's password for accessing the web interface of Kaspersky Secure Mail Gateway (see figure below).
Setting the administrator's password for the web interface of Kaspersky Secure Mail Gateway
The password must contain:
- At least eight characters
- Only characters in ASCII encoding
- At least one upper-case character
- At least one lower-case character
- At least one numeral
- Type the password again in the Confirm password field.
- Click OK.
The Initial Configuration Wizard of Kaspersky Secure Mail Gateway proceeds to the next step.
Step 12. Setting the administrator password for using the console
The administrator of Kaspersky Secure Mail Gateway has the rights to manage the virtual machine. The administrator can power down or restart the virtual machine or edit its network settings in the WMware console. The admin account with a separate administrator password is used for administering Kaspersky Secure Mail Gateway.
To set the administrator's password for managing Kaspersky Secure Mail Gateway in the VMware console (under the admin account):
- Type any characters in the Test input field to check the keyboard layout.
- In the Password field, type the administrator's password for managing the settings of Kaspersky Secure Mail Gateway (see figure below).
Setting the administrator password for using the VMware console
The password must contain:
- At least eight characters
- Only characters in ASCII encoding
- At least one upper-case character
- At least one lower-case character
- At least one numeral
- Type the password again in the Confirm password field.
- Click OK.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 13. Specifying email addresses of the mail server administrator
To specify email addresses of the Kaspersky Secure Mail Gateway mail server administrator:
- In the admins' emails field, enter the email addresses of the Kaspersky Secure Mail Gateway administrator (see figure below). You can specify several addresses, separating them with commas.
Specifying email addresses of the administrator
- Click OK.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 14. Configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center
At this step, configure the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center using the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center (see figure below).
Wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center
Kaspersky Security Center is designed for centrally managing and monitoring Kaspersky Secure Mail Gateway by performing the primary administrative tasks.
Kaspersky Security Center acts as the Administration Server.
Kaspersky Secure Mail Gateway includes Network Agent (nagent).
Kaspersky Security Center lets the administrator perform the following Kaspersky Secure Mail Gateway management tasks:
- Add the active and additional keys
- Start the Kaspersky Secure Mail Gateway database update task
- Display information about the status of protection of Kaspersky Secure Mail Gateway
- Start and stop Kaspersky Secure Mail Gateway
Enabling Network Agent
Configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center requires enabling Network Agent.
Network Agent is disabled by default.
To enable Network Agent, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Enabled setting.
- Make sure that value of the Enabled setting is set to yes.
- If the value of the Enabled setting is set to no, press Enter.
Continue performing steps in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center.
Entering the Administration Server address
To enter the address of the Kaspersky Security Center Administration Server, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Address setting.
- Press Enter.
A window for entering the Administration Server address opens (see figure below).
Entering the Administration Server address
- Specify the DNS name or IP address of the Administration Server of Kaspersky Security Center.
- Click OK.
Continue performing the steps of configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center.
Specifying the number of the port for connecting to the Administration Server
To specify the number of the port for connecting to the Kaspersky Security Center Administration Server, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Port setting.
- Press Enter.
A window opens where you can enter the number of the port for connecting to the Administration Server (see figure below).
Specifying the port for connecting to the Administration Server
- Specify the number of the port for connecting to the Administration Server or use the default port number (13000).
- Click OK.
Continue performing steps in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center.
Using the SSL connection for data transfer
You can enable the SSL connection for transferring data to the Administration Server of Kaspersky Security Center.
By default, the SSL connection for transferring data to the Administration Server of Kaspersky Security Center is enabled.
To enable SSL connection, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Use SSL setting.
- Make sure that value of the Use SSL setting is set to yes.
- If the value of the Use SSL setting is set to no, press Enter.
Continue performing steps in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center.
Using a gateway for connecting to the Administration Server
You can choose one of the options for using the gateway when connecting Kaspersky Secure Mail Gateway to the Administration Server of Kaspersky Security Center:
- Disable the use of the gateway
- Enable the use of the gateway
- Enable the use of Network Agent as a gateway
By default, the use of a gateway is disabled when connecting to the Administration Server, and the connection to Kaspersky Security Center is established directly.
To disable the use of the gateway for connecting Kaspersky Secure Mail Gateway to the Administration Server, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Gw mode setting.
- Make sure that the value of the Gw mode setting is set to don't use.
- If the Gw mode setting has any other value, keep pressing the Enter key until the value of the Gw mode setting changes to don't use.
To enable the use of the gateway for connecting Kaspersky Secure Mail Gateway to the Administration Server, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Gw mode setting.
- Keep pressing the Enter key until the value of the Gw mode setting changes to use gateway.
- Select the Gateway setting.
- Press Enter.
A window for entering the gateway address opens (see figure below).
Entering the address of a gateway for connecting to the Administration Server
- Enter the DNS name or IP address of the gateway that you want to use for connecting to the Administration Server of Kaspersky Security Center.
- Click OK.
To enable the use of Network Agent as a gateway for connecting Kaspersky Secure Mail Gateway to the Administration Server, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Gw mode setting.
- Keep pressing the Enter key until the value of the Gw mode setting changes to act as gateway.
Proceed to check the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center.
Step 15. Checking the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center
To check the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center, do the following in the window of the wizard for configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center:
- Select the Check Status setting.
- Press Enter.
- If you have modified the settings of Kaspersky Secure Mail Gateway connection to Kaspersky Security Center when configuring the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center, click Yes in the window prompting you to confirm changes (see figure below).
Confirming changes to Kaspersky Security Center connection settings
The window prompting you to confirm saving changes to Kaspersky Security Center connection settings closes.
The Check Status setting takes the value corresponding to the status of Kaspersky Secure Mail Gateway connection to Kaspersky Security Center.
For example, if the connection of Kaspersky Secure Mail Gateway to Kaspersky Security Center has been established successfully, the value of the Check Status setting changes to OK.
- Select Continue.
- Press Enter.
The Initial Configuration Wizard of the Kaspersky Secure Mail Gateway virtual machine proceeds to the next step.
Step 16. Displaying the settings of the connection to the web interface
If the network connection has been configured successfully, initial configuration of Kaspersky Secure Mail Gateway finishes at this step, and a window with the web interface connection settings opens (see figure below).
Finishing initial configuration of Kaspersky Secure Mail Gateway
Remember or write down the IP address specified in the IP address information window and click OK.
Initial configuration of Kaspersky Secure Mail Gateway has finished.
If your network does not use a DHCP server, Kaspersky Secure Mail Gateway is unable to retrieve the Kaspersky Secure Mail Gateway web interface connection settings automatically, and the IP address of the connection to the web interface is not displayed in the IP address information window. In this case, you can configure the settings of the connection to the Kaspersky Secure Mail Gateway web interface manually using the administrator's menu of Kaspersky Secure Mail Gateway.
Starting the Kaspersky Secure Mail Gateway virtual machine
After initial configuration, the virtual machine of Kaspersky Secure Mail Gateway starts automatically. To ensure interaction with the existing mail infrastructure, the mail server preinstalled on the Kaspersky Secure Mail Gateway virtual machine needs to be configured additionally.
You can view information about the operation of Kaspersky Secure Mail Gateway and configure message processing rules and protection settings via the web interface.
You can also configure settings and manage the operation of the virtual machine from the administrator's menu in the WMware console.
Connecting to the Kaspersky Secure Mail Gateway web interface
After completing initial configuration, you can connect to the web interface of Kaspersky Secure Mail Gateway.
To connect to the web interface of Kaspersky Secure Mail Gateway:
- Type the following address in the address line of the web browser:
https://<IP-address-of-deployed-appliance>/ksmg, using the IP address received at Step 16 of the Initial Configuration Wizard of Kaspersky Secure Mail Gateway.A web interface login page opens, prompting you to enter the user name and password of the web address administrator.
- In the User name field, type
Administrator. - In the Password field, type the password specified at Step 11 of the Initial Configuration Wizard of Kaspersky Secure Mail Gateway.
- Click the Log in button.
The main page of the Kaspersky Secure Mail Gateway web interface opens.
Integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure
Kaspersky Secure Mail Gateway is integrated into the existing corporate mail infrastructure and is not a standalone mail system. For example, Kaspersky Secure Mail Gateway does not deliver email messages to recipients and does not manage user accounts.
You can integrate Kaspersky Secure Mail Gateway into the corporate mail infrastructure in one of the following ways:
- Directly.
- Through an edge gateway on which SMTP verification of recipient email addresses is enabled.
Before configuring integration of Kaspersky Secure Mail Gateway via an edge gateway, specify whether or not SMTP verification of recipient email addresses is enabled on the edge gateway to which Kaspersky Secure Mail Gateway will be relaying messages from internal domains.
- Through an edge gateway on which SMTP verification of recipient email addresses is disabled.
You can configure the basic settings of Kaspersky Secure Mail Gateway integration into the corporate mail infrastructure using the Quick MTA Setup Wizard as well as integrate Kaspersky Secure Mail Gateway into the corporate mail infrastructure through the web interface of the application.
After you complete all steps of the Quick MTA Setup, Kaspersky Secure Mail Gateway resets all values of MTA setting and replaces them with values that you specified in the Quick MTA Setup Wizard.
Direct integration using a Quick Setup Wizard
Direct integration is the type of integration where Kaspersky Secure Mail Gateway receives email messages directly from the Internet and redirects them to internal mail servers, and also receives messages from internal mail servers and redirects them to the Internet.
To configure direct integration of Kaspersky Secure Mail Gateway into the corporate mail infrastructure:
- In the main window of the application web interface, open the administration console tree and select the Quick MTA Setup section.
- In the Integrating Kaspersky Secure Mail Gateway into mail infrastructure section, select Integrate directly.
- Click the Start integration link to begin performing the steps of the wizard.
Step 1. Adding local domains (relay_domains)
At this step, add local domains of your organization for which Kaspersky Secure Mail Gateway will be receiving email messages from the outside. Kaspersky Secure Mail Gateway will receive messages only for the domains you specified. Messages intended for other domains are rejected.
If local domains are not specified, Kaspersky Secure Mail Gateway will not be receiving messages for your internal mail servers.
To add local domains of your organization:
- Click the Add a domain link to open the Adding a domain window.
- In the Enter domain name field, type the name of the domain for which Kaspersky Secure Mail Gateway will be receiving messages.
Type the domain names in FQDN format.
- Click the Add button.
- The Adding a domain window closes.
The domain names have to be entered one at a time. Repeat the process of adding domain names to the list for all domain names that you are adding.
Proceed to the next step of the wizard.
Step 2. Configuring email routing (transport_map)
Configure email routing at this step.
By default, Kaspersky Secure Mail Gateway uses the settings of your DNS server for email routing. To configure email routing manually, create a transport map: enter the names of the domains for which email messages are intended and then type the IP addresses or FQDN names of the domains to which Kaspersky Secure Mail Gateway will be redirecting messages intended for the domains.
For example, if you want messages intended for the example.com domain to be redirected to the address 1.1.1.0:25, add the example.com domain to the transport map and then specify the IP address 1.1.1.0 and port number 25 for routing messages intended for the example.com domain.
To configure email routing:
- Click the Add a record to the transport map link to open the Email routing window.
- In the Enter domain name field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address or domain name of the server the routing of email to which you want to configure.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), subnet mask in CIDR format (for example: fc00::/7), domain name or FQDN.
- In the Enter the port number to connect with the email destination address, select the port number.
The default value is 25.
- Select one of the following options:
- Do not enable MX lookup.
- Enable MX lookup (for domain names or FQDNs).
- Click OK.
- The Email routing window closes.
Transport map records are added one at a time. Repeat the process of adding records to the transport map for all records that you are adding.
Proceed to the next step of the wizard.
Step 3. Adding trusted networks and network hosts (mynetworks)
At this step, create a list of trusted networks and network hosts that are allowed to send email messages via Kaspersky Secure Mail Gateway.
As a rule, these are internal networks and network hosts of your organization.
For example, you can specify the IP addresses of Microsoft Exchange servers used at your organization.
If trusted networks are not specified, Kaspersky Secure Mail Gateway will not be receiving messages from internal mail servers and redirect them outside the network of your organization.
To add a list of trusted networks and network hosts:
- Click the Add a trusted network or network host link to open the Adding a trusted network window.
- In the Enter network address or network host address field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address of the network or a subnet address.
Type IP addresses in IPv4 format or subnet addresses in CIDR format.
- Click OK.
- The Adding a trusted network window closes.
Addresses are added one at a time. Repeat the process of adding addresses to the list for all addresses that you are adding.
Proceed to the next step of the wizard.
Step 4. Finishing integration of Kaspersky Secure Mail Gateway directly
At this step, check the settings you have specified for integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure and confirm your choice.
When integration into the corporate mail infrastructure is completed, the following settings of Kaspersky Secure Mail Gateway are configured automatically:
- SPF authentication of message senders is enabled.
- SMTP verification of recipient email addresses is enabled.
After you complete all steps of the Quick MTA Setup, Kaspersky Secure Mail Gateway resets all values of MTA setting and replaces them with values that you specified in the Quick MTA Setup Wizard.
Integration through an edge gateway (SMTP verification of recipient email addresses is enabled) with the help of a wizard
Integration through an edge gateway on which SMTP verification of recipient email addresses is enabled is a type of integration where Kaspersky Secure Mail Gateway receives messages from an intermediate gateway and relays them to internal mail servers, and also receives messages from internal mail servers and relays them to the edge gateway. In this case, SMTP verification of recipient email addresses is enabled on the edge gateway.
SMTP verification of recipient email addresses is used by mail systems to prevent reception of messages for nonexistent addresses.
To configure integration of Kaspersky Secure Mail Gateway into the corporate mail infrastructure through an edge gateway on which SMTP verification of recipient email addresses is enabled:
- In the main window of the application web interface, open the administration console tree and select the Quick MTA Setup section.
- In the Integrating Kaspersky Secure Mail Gateway into mail infrastructure section, select Integrate through Edge Gateway.
- Click the Start integration link to go to the SMTP verification of recipient email addresses on the Edge Gateway. section.
- Select SMTP verification of recipient email addresses is enabled on the Edge Gateway.
- Click the Go to adding local domains link to start performing the steps of the wizard.
Step 1. Adding local domains (relay_domains)
At this step, add local domains of your organization for which Kaspersky Secure Mail Gateway will be receiving email messages from the outside. Kaspersky Secure Mail Gateway will receive messages only for the domains you specified. Messages intended for other domains are rejected.
If local domains are not specified, Kaspersky Secure Mail Gateway will not be receiving messages for your internal mail servers.
To add local domains of your organization:
- Click the Add a domain link to open the Adding a domain window.
- In the Enter domain name field, type the name of the domain for which Kaspersky Secure Mail Gateway will be receiving messages.
Type the domain names in FQDN format.
- Click the Add button.
- The Adding a domain window closes.
The domain names have to be entered one at a time. Repeat the process of adding domain names to the list for all domain names that you are adding.
Proceed to the next step of the wizard.
Step 2. Configuring email routing (transport_map)
Configure email routing at this step.
By default, Kaspersky Secure Mail Gateway uses the settings of your DNS server for email routing. To configure email routing manually, create a transport map: enter the names of the domains for which email messages are intended and then type the IP addresses or FQDN names of the domains to which Kaspersky Secure Mail Gateway will be redirecting messages intended for the domains.
For example, if you want messages intended for the example.com domain to be redirected to the address 1.1.1.0:25, add the example.com domain to the transport map and then specify the IP address 1.1.1.0 and port number 25 for routing messages intended for the example.com domain.
To configure email routing:
- Click the Add a record to the transport map link to open the Email routing window.
- In the Enter domain name field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address or domain name of the server the routing of email to which you want to configure.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), subnet mask in CIDR format (for example: fc00::/7), domain name or FQDN.
- In the Enter the port number to connect with the email destination address, select the port number.
The default value is 25.
- Select one of the following options:
- Do not enable MX lookup.
- Enable MX lookup (for domain names or FQDNs).
- Click OK.
The Email routing window closes.
Transport map records are added one at a time. Repeat the process of adding records to the transport map for all records that you are adding.
Proceed to the next step of the wizard.
Step 3. Entering address of your Edge Gateway (relayhost)
At this step, enter the address of your edge gateway. Kaspersky Secure Mail Gateway will be redirecting all messages to this address.
For example: 192.0.2.1 or domain.com.
If you have configured email routing for individual domains, Kaspersky Secure Mail Gateway will be redirecting email messages to the addresses specified for each domain.
To enter the address of an edge gateway:
- In the Entering address of your Edge Gateway field, type the IP address of the edge gateway.
Type the address in IPv4 format, domain name or FQDN format.
- Select one of the following options:
- Do not enable MX lookup.
- Enable MX lookup (for domain names or FQDNs).
Proceed to the next step of the wizard.
Step 4. Adding trusted networks and network hosts (mynetworks)
At this step, create a list of trusted networks and network hosts that are allowed to send email messages via Kaspersky Secure Mail Gateway.
As a rule, these are internal networks and network hosts of your organization.
For example, you can specify the IP addresses of Microsoft Exchange servers used at your organization.
If trusted networks are not specified, Kaspersky Secure Mail Gateway will not be receiving messages from internal mail servers and redirect them outside the network of your organization.
To add a list of trusted networks and network hosts:
- Click the Add a trusted network or network host link to open the Adding a trusted network window.
- In the Enter network address or network host address field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address of the network or a subnet address.
Type IP addresses in IPv4 format or subnet addresses in CIDR format.
- Click OK.
- The Adding a trusted network window closes.
Addresses are added one at a time. Repeat the process of adding addresses to the list for all addresses that you are adding.
Proceed to the next step of the wizard.
Step 5. Finishing integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is enabled)
At this step, check the settings you have specified for integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure and confirm your choice.
When integration into the corporate mail infrastructure is completed, the following settings of Kaspersky Secure Mail Gateway are configured automatically:
- SPF authentication of message senders is disabled.
Do not enable SPF authentication of message recipients because the message sender is the edge gateway from which Kaspersky Secure Mail Gateway receives messages.
- DMARC authentication of domains from which Kaspersky Secure Mail Gateway receives messages is disabled.
Do not enable DMARC authentication of domains because Kaspersky Secure Mail Gateway receives messages from an intermediate gateway.
- SMTP verification of recipient email addresses is enabled.
Do not disable SMTP verification of recipient email addresses because SMTP verification of recipient email addresses is enabled on the edge gateway.
After you complete all steps of the Quick MTA Setup, Kaspersky Secure Mail Gateway resets all values of MTA setting and replaces them with values that you specified in the Quick MTA Setup Wizard.
Integration through an edge gateway (SMTP verification of recipient email addresses is disabled) with the help of a wizard
Integration through an edge gateway on which SMTP verification of recipient email addresses is disabled is a type of integration where Kaspersky Secure Mail Gateway receives messages from an edge gateway and relays them to internal mail servers, and also receives messages from internal mail servers and relays them to the edge gateway. In this case, SMTP verification of recipient email addresses is disabled on the edge gateway.
SMTP verification of recipient email addresses is used by mail systems to prevent reception of messages for nonexistent addresses.
To configure integration of Kaspersky Secure Mail Gateway into the corporate mail infrastructure through an edge gateway on which SMTP verification of recipient email addresses is disabled:
- In the main window of the application web interface, open the administration console tree and select the Quick MTA Setup section.
- In the Integrating Kaspersky Secure Mail Gateway into mail infrastructure section, select Integrate through Edge Gateway.
- Click the Start integration link to go to the SMTP verification of recipient email addresses on the Edge Gateway. section.
- Select SMTP verification of recipient email addresses is disabled on the Edge Gateway.
- Click the Go to configuring email routing link to start performing the steps of the wizard.
Step 1. Configuring email routing (transport_map)
Configure email routing at this step.
By default, Kaspersky Secure Mail Gateway uses the settings of your DNS server for email routing. To configure email routing manually, create a transport map: enter the names of the domains for which email messages are intended and then type the IP addresses or FQDN names of the domains to which Kaspersky Secure Mail Gateway will be redirecting messages intended for the domains.
For example, if you want messages intended for the example.com domain to be redirected to the address 1.1.1.0:25, add the example.com domain to the transport map and then specify the IP address 1.1.1.0 and port number 25 for routing messages intended for the example.com domain.
To configure email routing:
- Click the Add a record to the transport map link to open the Email routing window.
- In the Enter domain name field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address or domain name of the server the routing of email to which you want to configure.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), subnet mask in CIDR format (for example: fc00::/7), domain name or FQDN.
- In the Enter the port number to connect with the email destination address, select the port number.
The default value is 25.
- Select one of the following options:
- Do not enable MX lookup.
- Enable MX lookup (for domain names or FQDNs).
- Click OK.
The Email routing window closes.
Transport map records are added one at a time. Repeat the process of adding records to the transport map for all records that you are adding.
Proceed to the next step of the wizard.
Step 2. Entering address of your Edge Gateway (relayhost)
At this step, enter the address of your edge gateway. Kaspersky Secure Mail Gateway will be redirecting all messages to this address.
For example: 192.0.2.1 or domain.com.
If you have configured email routing for individual domains, Kaspersky Secure Mail Gateway will be redirecting email messages to the addresses specified for each domain.
To enter the address of an edge gateway:
- In the Entering address of your Edge Gateway field, type the IP address of the edge gateway.
Type the address in IPv4 format, domain name or FQDN format.
- Select one of the following options:
- Do not enable MX lookup.
- Enable MX lookup (for domain names or FQDNs).
Proceed to the next step of the wizard.
Step 3. Adding trusted networks and network hosts (mynetworks)
At this step, create a list of trusted networks and network hosts that are allowed to send email messages via Kaspersky Secure Mail Gateway.
As a rule, these are internal networks and network hosts of your organization.
For example, you can specify the IP addresses of Microsoft Exchange servers used at your organization.
If trusted networks are not specified, Kaspersky Secure Mail Gateway will not be receiving messages from internal mail servers and redirect them outside the network of your organization.
To add a list of trusted networks and network hosts:
- Click the Add a trusted network or network host link to open the Adding a trusted network window.
- In the Enter network address or network host address field, type the name of the domain for which email messages are intended.
Type the domain names in FQDN format.
- In the Enter email destination address (IPv4, domain name or FQDN) field, type the IP address of the network or a subnet address.
Type IP addresses in IPv4 format or subnet addresses in CIDR format.
- Click OK.
The Adding a trusted network window closes.
Addresses are added one at a time. Repeat the process of adding addresses to the list for all addresses that you are adding.
Proceed to the next step of the wizard.
Step 4. Finishing integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is disabled)
At this step, check the settings you have specified for integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure and confirm your choice.
When integration into the corporate mail infrastructure is completed, the following settings of Kaspersky Secure Mail Gateway are configured automatically:
- SPF authentication of message senders is disabled.
Do not enable SPF authentication of message recipients because the message sender is the edge gateway from which Kaspersky Secure Mail Gateway receives messages.
- DMARC authentication of domains from which Kaspersky Secure Mail Gateway receives messages is disabled.
Do not enable DMARC authentication of domains because Kaspersky Secure Mail Gateway receives messages from an intermediate gateway.
- SMTP verification of recipient email addresses is disabled.
Do not enable SMTP verification of recipient email addresses because SMTP verification of recipient email addresses is disabled on the edge gateway.
After you complete all steps of the Quick MTA Setup, Kaspersky Secure Mail Gateway resets all values of MTA setting and replaces them with values that you specified in the Quick MTA Setup Wizard.
Configuring MTA settings
Kaspersky Secure Mail Gateway is integrated into the existing corporate mail infrastructure and is not a standalone mail system. For example, Kaspersky Secure Mail Gateway does not deliver email messages to recipients and does not manage user accounts.
You can configure the basic MTA settings using the Quick MTA Setup Wizard or manually in the application web interface.
This section describes how you can configure the MTA settings manually.
Configuring transmission and reception of messages by the MTA
To enable or disable transmission or reception of messages by the mail agent of Kaspersky Secure Mail Gateway:
- In the main window of the application web interface, open the management console tree and select the Message Queue section.
- In the upper part of the workspace, click any link to open the Messages send and receive control window.
- In the Sending Mail list, select one of the following values:
- Yes if you want to allow the mail agent of Kaspersky Secure Mail Gateway to send messages.
- No if you do not want to allow the mail agent of Kaspersky Secure Mail Gateway to send messages.
- In the Receiving Mail list, select one of the following values:
- Yes if you want to allow the mail agent of Kaspersky Secure Mail Gateway to receive messages.
- No if you do not want to allow the mail agent of Kaspersky Secure Mail Gateway to receive messages.
- Click OK.
The Messages send and receive control window closes.
Attention! These settings control transmission and reception of messages by the mail agent of Kaspersky Secure Mail Gateway.
Adding local domains (relay_domains)
Local domains are domains of your organization for which Kaspersky Secure Mail Gateway will be receiving email messages from the outside. Kaspersky Secure Mail Gateway will receive messages only for the domains you specified. Messages intended for other domains are rejected.
If local domains are not specified, Kaspersky Secure Mail Gateway will not be receiving messages for your internal mail servers.
To add a local domain of your organization:
- In the main window of the application web interface, open the management console tree and select the Domains section.
- Click the Add button.
The record creation window opens.
- In the Record type settings group, select Domain as the record type.
- In the Domain/Email address field, type the name of the domain for which Kaspersky Secure Mail Gateway will be receiving email messages from the outside.
Type the fully qualified domain name (FQDN).
- Select the check box next to the name of the Local domain setting.
Kaspersky Secure Mail Gateway will receive messages only for the domains you specified. Messages intended for other domains are rejected.
- In the Email routing settings group, flip on the toggle switch next to the name of the Configure email routing setting.
- In the Protocol settings group, select the email transmission protocol.
- In the Destination address and port number field, type the IP address of the server to which you want to configure routing of email.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), or subnet address in CIDR format (for example: fc00::/7).
- In the TLS Encryption mode for all outgoing mail of the mail server settings group, select one of the following options:
- Use TLS Encryption mode, set for all outgoing mail from the server, if you want to use the TLS encryption mode set for all outgoing mail from the server for this domain.
- Override TLS Encryption mode for this domain, if you want to configure a different mode of connection TLS encryption for this domain.
- If you have chosen to configure a different TLS encryption mode for this domain, in the Override TLS Encryption mode for this domain list select the mode of TLS encryption of the connection that you want to set.
- If you want to configure the DKIM signature for messages from addresses of this domain, in the DKIM signature for messages from domain addresses settings group, do the following:
- Click the Add button.
The Creating DKIM signature for the domain window opens.
- In the Selector field, type the name that will help you find the DKIM signature.
- In the Key name list, select the DKIM key based on which the DKIM signature will be added to messages.
- Click OK.
The Creating DKIM signature for the domain window closes.
- Click the Add button.
- Click the Add button in the lower part of the window.
The domain for which Kaspersky Secure Mail Gateway will be receiving messages appears in the list of domains.
Configuring email routing (transport_map)
By default, Kaspersky Secure Mail Gateway uses the settings of your DNS server for email routing. To configure email routing manually, create a transport map: enter the names of the domains for which email messages are intended and then type the IP addresses or FQDN names of the domains to which Kaspersky Secure Mail Gateway will be redirecting messages intended for the domains.
For example, if you want messages intended for the example.com domain to be redirected to the address 1.1.1.0:25, add the example.com domain to the transport map and then specify the IP address 1.1.1.0 and port number 25 for routing messages intended for the example.com domain.
To configure email routing for a domain:
- In the main window of the application web interface, open the management console tree and select the Domains section.
- In the list of domains, select the domain for which you want to configure email routing.
- In the Destination address and port number field, type the IP address of the server to which you want to configure routing of email.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), or subnet address in CIDR format (for example: fc00::/7).
- Click OK in the lower part of the window.
Email routing is configured for the domain.
Adding trusted networks and network hosts (mynetworks)
Trusted networks and network hosts – networks and network hosts that are allowed to send email messages via Kaspersky Secure Mail Gateway.
As a rule, these are internal networks and network hosts of your organization.
For example, you can specify the IP addresses of Microsoft Exchange servers used at your organization.
If trusted networks are not specified, Kaspersky Secure Mail Gateway will not be receiving messages from internal mail servers and redirect them outside the network of your organization.
To add a list of trusted networks and network hosts:
- In the main window of the application web interface, open the management console tree and select the Settings section and MTA subsection.
- In the Basic Settings section, click any link to open the Basic MTA settings window.
- In the Trusted networks field, type the list of trusted networks and network hosts for which you want to allow transmission of email messages via Kaspersky Secure Mail Gateway.
Specify the IPv4 addresses in the CIDR notation.
- Click OK.
The Basic MTA settings window closes.
The list of trusted networks and network hosts is added.
Configuring advanced MTA settings
To configure advanced MTA settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and MTA subsection.
- Maximize the Advanced Settings section.
- Click any link in the upper part of the list of settings to open the Advanced MTA settings window.
- In the SMTP greeting text field, type the text that will accompany code 220 in the SMTP greeting.
- In the Maximum connection attempts field, specify the maximum number of connection attempts by one remote SMTP client to the service of the SMTP server per minute.
Type 0 if restrictions are not required.
The default value is 0 (unrestricted).
- In the Maximum simultaneous connection attempts field, specify the maximum number of simultaneous connection attempts by one remote SMTP client to the SMTP server.
Type 0 if restrictions are not required.
The default value is 50.
- In the Maximum mail delivery requests field, specify the maximum number of message delivery requests from one remote SMTP client to the SMTP server per minute, regardless of whether this mail server accepts these messages or not.
Type 0 if restrictions are not required.
The default value is 0 (unrestricted).
- In the SMTP session timeout field, specify the maximum period of time during which a request has to be received from the remote SMTP client and a response sent by the SMTP server.
The default value is 30 seconds.
- In the Interval between destination address connection attempts, specify the interval between attempts by the MTA queue manager to connect to the message destination address if the destination address is unavailable.
The default value is 60 seconds.
- In the Minimum delivery interval for Deferred queue field, specify the minimum interval between attempts to deliver a message that has been deferred into the Deferred queue.
The default value is 300 seconds.
- In the Maximum delivery interval for Deferred queue field, specify the maximum interval between attempts to send a message that has been deferred into the Deferred queue.
The default value is 4000 seconds.
- In the Maximum queue lifetime for a message, set a limit on the time during which a message with a permanent error status will be stored in the queue. When this time elapses, the message is considered undelivered.
The default value is 3 days.
- In the Deferred queue processing interval field, specify the frequency of scanning of the Deferred queue by the queue manager.
The default value is 1000 seconds.
- In the Maximum queue lifetime for a bounce message, set a limit on the time during which a bounce message with a permanent error status will be stored in the queue. When this time elapses, the message is considered undelivered.
The default value is 3 days.
- In the BCC address for all messages field, specify an optional email address for receiving blind carbon copies of all messages received by the MTA.
- In the Check addresses format for RFC 821 compliance list, configure (enable or disable) checking of email addresses in the
SMTP MAIL FROMandRCPT TOto verify that such addresses are in angle brackets and do not contain RFC 822 comments and phrases. This check prevents reception of messages from malicious applications.To configure checking of addresses, in the Check addresses format for RFC 821 compliance list select one of the following values:
- Yes if you want to enable checking.
- No if you want to disable checking.
The default value is Yes.
- Configure the Disable recipient verification SMTP VRFY setting, which enables or disables the
SMTP VRFYcommand. TheSMTP VRFYcommand prevents certain services from collecting email addresses.To enable or disable the
SMTP VRFYcommand, select one of the following values in the Disable recipient verification SMTP VRFY list:- Yes if you want to enable the command.
- No if you want to disable the command.
The default value is Yes.
- In the EHLO keywords not sent by SMTP server in response field, select check boxes next to those non-case-sensitive
EHLOcommands (for example:pipelining,starttls,auth), which your SMTP server will not announce in the response to theEHLOrequest from an external SMTP client.Default values:
silent-discard,dsn,etrn. - Click OK.
The Advanced MTA settings window closes.
Kaspersky Secure Mail Gateway Monitoring
This section provides information on mail traffic monitoring, the latest threats detected, and system resources.
Mail traffic monitoring
To evaluate the current status of Kaspersky Secure Mail Gateway mail traffic:
- In the main window of the application web interface, open the management console tree and select the Monitoring section.
- In the workspace, select the Email traffic tab.
- Select one of the periods for which you want to display information about mail traffic.
You can view information about mail traffic for the following periods: hour, day, week, or 30 days.
- Select the option for displaying information in charts.
You can view the charts with detected message by quantity or by size.
- Select the status labels of messages (for example, Clean, Threats, Spam or all messages) information about which you want to view.
The workspace displays mail traffic charts for the selected period.
Monitoring of the latest detected threats
To view the list of the latest detected threats:
- In the main window of the application web interface, open the management console tree and select the Monitoring section.
- In the workspace, select the Latest Threats Detected tab.
Two lists are displayed in the workspace:
- Latest infected objects detected – 5 of the last objects detected.
- Latest probably infected objects detected – 5 of the last objects detected.
Monitoring of system resources usage
To evaluate current usage of system resources:
- In the main window of the application web interface, open the management console tree and select the Monitoring section.
- In the workspace, select the System resources tab.
- Select check boxes next to the types of data that you want to see in the system load chart (for example, you can select CPU, RAM, Swap or all options at once).
- Select check boxes next to the types of data that you want to see in the network interfaces load chart (for example, you can select Sending, Receiving or all options at once).
The workspace displays the System and Network interfaces charts with the data you selected.
Kaspersky Secure Mail Gateway database update
This section contains information about updating Anti-Virus, Anti-Spam, and Anti-Phishing databases.
About database updates
Anti-Virus databases, Anti-Spam databases, and Anti-Phishing databases (hereafter also "databases") are files containing records that can be used to detect malicious code in scanned objects. These records contain information about the control sections of malicious code and algorithms used for disinfecting objects that contain such threats.
Virus analysts at Kaspersky Lab detect hundreds of new threats daily, create records to identify them, and include them in database updates packages (or update packages). Update packages consist of one or several files containing records to identify threats that were detected since the previous update package was released. In order to minimize the risk of infecting the protected server, we recommend that you receive database update packages regularly.
As long as the license is in effect, you can receive database update packages from Kaspersky Lab's website automatically on schedule, or download and install them manually.
During installation, Kaspersky Secure Mail Gateway downloads the latest databases from one of Kaspersky Lab's update servers. If you have configured automatic database updates, Kaspersky Secure Mail Gateway runs updates according to schedule (with a frequency of once per 5 minutes).
Kaspersky Secure Mail Gateway periodically and automatically checks for new update packages on Kaspersky Lab's update servers. By default, if the Kaspersky Secure Mail Gateway Anti-Virus databases have not been updated for 24 hours or Anti-Spam databases have not been updated for 1 hour since Kaspersky Lab released the last updates, Kaspersky Secure Mail Gateway logs the event Databases are out of date. If Anti-Virus databases have not been updated for a week or Anti-Spam databases have not been updated for 24 hours, Kaspersky Secure Mail Gateway logs the event Databases are extremely out of date. You can configure administrator notifications about these events.
About update sources
Update source is a resource containing updates for Kaspersky Secure Mail Gateway databases.
The main update source is Kaspersky Lab's update servers. These are special Internet sites which contain updates for databases and application modules for all Kaspersky Lab products. If you connect to the Internet via a proxy server, you have to configure the proxy server connection settings.
To reduce the amount of Internet traffic, you can configure Kaspersky Secure Mail Gateway to update databases from a custom update source. HTTP or FTP servers or local folders on your computer can serve as custom updates sources.
If Kaspersky Secure Mail Gateway is managed using Kaspersky Security Center, you can select Kaspersky Security Center as the update source.
Selecting the update source
To select the update source:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Application database update settings section, click the Update source link to open the Application database update settings window.
- In the Update source settings group, select the source from which you want to receive update packages:
- Kaspersky Lab's update servers.
- Kaspersky Security Center.
- Custom update source.
- If you selected a custom update source, in the field under Kaspersky Security Center enter the web address of the update package on your FTP or HTTP server or the full path to the folder with the update package.
You can also select the If inaccessible, use Kaspersky Lab servers check box if you want to receive the update package from Kaspersky Lab update servers whenever the custom update source is unavailable.
- Click OK.
Scheduling database updates
To configure the database update schedule:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Application database update settings section, click the Schedule link to open the Application database update settings window.
- In the Schedule settings group, select one of the following options in the drop-down list:
- Manually.
- Once.
- Weekly.
- Monthly.
- Run every.
- In the Schedule settings group, specify the frequency of database updates in the fields on the right of the drop-down list. The following values can be specified depending on the schedule selected:
- If the database update start mode is set to Once, specify the date and time at which the database update is to start in the corresponding fields.
- If the database update start mode is set to Weekly, specify the day of the week and the time at which the database update is to start in the corresponding fields.
For example, if the values are set to Monday and 3:00 PM, the database update runs every Monday at 15:00.
- If the database update start mode is set to Monthly, in the corresponding fields specify the day of the month and the time at which the database update is to start.
For example, if the values are set to 20 and 3:00 PM, the database update runs on the 20th day of the month at 15:00.
- For the Run every update start mode, specify the frequency of the update start in minutes, hours, or days in the corresponding fields:
- To specify the frequency of updates in minutes, select the min. value in the list in the right part of the window, specify the frequency in minutes, and in the Starting at field specify the time of the first database update.
For example, if the frequency value is set to 30, the min. frequency option has been selected, and the value of the Starting at field is set to 15:00, the database update starts every 30 minutes beginning at 3 p.m.
- To specify the frequency of updates in hours, select the hours value in the list in the right part of the window, specify the frequency in hours, and in the Starting at field specify the date and time of the first database update.
For example, if the frequency value is set to 3, the hr(s). frequency option has been selected, and the values the Starting at field are 25.12.2015 and 15:00, the database update starts every 3 hours beginning at 3 p.m. on December 25, 2015.
- To specify the frequency of updates in days, select the days value in the list in the right part of the window, specify the frequency in days, and in the Starting at field specify the time of the first database update.
For example, if the frequency value is set to 2, the days frequency option has been selected, and the value of the Starting at field is set to 15:00, the database update starts once every two days (every other day) at 3 p.m.
- To specify the frequency of updates in minutes, select the min. value in the list in the right part of the window, specify the frequency in minutes, and in the Starting at field specify the time of the first database update.
- Click OK.
Configuring database updates
To configure database update settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Application database update settings section, click the Schedule link to open the Application database update settings window.
- In the Application database update settings section, in the Randomization interval field specify the deviation from the scheduled time (in minutes) after which the database update is to run on computers so that these computers do not attempt to access the update source simultaneously when the database update starts. This feature is provided to solve the problem of simultaneous access to the update source by a large number of computers when the database update starts.
- In the Application database update settings section, in the Maximum duration field specify the maximum duration of the update process in minutes, after which the database update must be stopped.
- In the Application database update settings section, in the Run skipped tasks list select the procedure for starting the task of the update was not performed at the scheduled time for one of the following reasons:
- The computer was unavailable (turned off or disconnected from the Internet);
- The application was not running.
If the option to run missed tasks is enabled, an attempt is made to start the database update task the next time the application starts on the computer. In the Manually and Once update start mode, the database update task starts as soon as the computer goes online on the local area network.
If the option to run missed tasks is disabled, the database update tasks are started on computers according to schedule only, and Manually and Once database updates are started only on computers connected to the local area network.
- Click OK.
Setting default values for database update settings
To set default values for database update settings and the default database update schedule:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Application database update settings section, click the Schedule link to open the Application database update settings window.
- In the lower part of the Application Database Update Settings window, click the Set default values link.
- Click OK.
Updating databases manually
To start a database update manually:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the workspace of the Application database update settings section, start the database update by clicking the Start update link.
The Start update link is replaced with the Updating in progress text and the database update progress is displayed.
Configuring the proxy server connection settings
To enable or disable usage of a proxy server:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the workspace, do one of the following:
- Flip on the toggle switch next to the name of the Use proxy server settings group if you want to use a proxy server with Kaspersky Secure Mail Gateway.
- Flip off the toggle switch next to the name of the Use proxy server settings group if you do not want to use a proxy server with Kaspersky Secure Mail Gateway.
To configure the proxy server connection settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Database update subsection.
- In the Use proxy server section, click any link to open the Connection settings window.
- In the Proxy server settings section, select one of the following options in the Use proxy server drop-down list:
- Yes — if you want to use a proxy server with Kaspersky Secure Mail Gateway.
- No — if you do not want to use a proxy server with Kaspersky Secure Mail Gateway.
- In the Address field, enter the proxy server address.
- In the Port field, enter the proxy server port.
- In the Authentication drop-down list in the Authentication settings group section, select one of the following options:
- Not required — if you do not want to use authentication when connecting to the proxy server.
- Plain — if you want to use authentication when connecting to the proxy server.
- If the Authentication setting is set to Plain, enter the user name and password for connecting to the proxy server in the User name and Password fields.
- In the Proxy server connection settings section, select one of the following values in the Bypass proxy for local addresses list:
- Yes — if you do not want to use a proxy server for internal email addresses of your organization.
- No — if you want to use a proxy server irrespective of whether or not email addresses belong to your organization.
- Click OK.
Upgrading Kaspersky Secure Mail Gateway via the web interface
This section describes how you can upgrade Kaspersky Secure Mail Gateway via the web interface.
About Kaspersky Secure Mail Gateway upgrade via the web interface
Kaspersky Lab may release upgrade packages for Kaspersky Secure Mail Gateway. For example, Kaspersky Lab can release critical fixes for vulnerabilities or bugs, scheduled upgrades that add new or improve existing features of Kaspersky Secure Mail Gateway, and packages with additional localizations for Kaspersky Secure Mail Gateway.
Following the release of Kaspersky Secure Mail Gateway upgrades, you can install them via the web interface of Kaspersky Secure Mail Gateway.
Prior to installing upgrades via the web interface of Kaspersky Secure Mail Gateway, you have to download the upgrade package or the localization package in TGZ format along with instructions on how to install this upgrade from the eStore website to your computer.
Kaspersky Secure Mail Gateway services may be suspended for the duration of upgrade installation. The upgrade process may take several minutes. After starting an upgrade of Kaspersky Secure Mail Gateway, do not interrupt the upgrade process or turn off the virtual machine. You may need to restart Kaspersky Secure Mail Gateway after upgrading.
Preparing to upgrade Kaspersky Secure Mail Gateway via the web interface
Before upgrading Kaspersky Secure Mail Gateway, you are strongly advised to make a copy of your Kaspersky Secure Mail Gateway virtual machine (a snapshot of the virtual machine in the hypervisor) to be able to return to the previous version of Kaspersky Secure Mail Gateway if installation of the new version of Kaspersky Secure Mail Gateway fails.
To take a snapshot of a Kaspersky Secure Mail Gateway virtual machine:
- Start VMware vSphere Client.
- Select the virtual machine that you want to take a snapshot of.
- Open the menu by right-clicking.
- In the menu, select the Snapshot item and Take Snapshot sub-item (see figure below).
Snapshot of the virtual machine
The Take Virtual Machine Snapshot window opens (see figure below).
Input of virtual machine snapshot data
- In the Name field, enter the name of the virtual machine snapshot.
- In the Description field, enter a description of the virtual machine snapshot.
- Select the Snapshot the virtual machine's memory check box.
A snapshot of your virtual machine appears in the list of virtual machines in the left part of the main application window.
See VMware vSphere Client manuals for details on managing virtual machines in VMware vSphere Client.
Performing Kaspersky Secure Mail Gateway upgrade via the web interface
To upgrade Kaspersky Secure Mail Gateway via the web interface:
- In the main window of the application web interface, open the management console tree and select the Settings section and System Upgrade subsection.
- Click the Start upgrade link to open the System Upgrade window.
- Click the Browse button to the right of the Uploading Upgrade Package field.
The file selection window opens in the web browser that you use.
- Choose the upgrade file that you want to upload and click the Open button in your web browser.
The file selection window closes.
- Click the Next button.
- Follow the steps of the Upgrade Wizard.
The steps of the Upgrade Wizard may vary depending on the type of upgrade.
More detailed instructions on installing each upgrade are provided in the instruction manual that comes with this upgrade.
Anti-Virus protection
This section contains information about Anti-Virus protection of messages and how to configure it.
About Anti-Virus protection
Kaspersky Secure Mail Gateway performs virus scanning of messages: scans email messages for viruses and other threats and disinfects infected objects using the current (latest) version of Anti-Virus databases.
Messages are scanned for viruses and other threats by Anti-Virus engine. Anti-Virus engine scans the body of the message and all attached files in any format (attachments) using the Anti-Virus databases. The Anti-Virus engine detects and blocks email attachments that are intended for a limited number of recipients and are components of targeted attacks designed to exploit software vulnerabilities.
In addition to virus scanning of messages, you can enable detection of certain legitimate applications by the Anti-Virus component.
Based on the scan results, the Anti-Virus engine assigns the message one of the virus scan status labels and adds a tag with the status at the beginning of the message subject (Subject field).
Depending on the status assigned, the application performs actions in accordance with the message processing rule settings. You can select actions to be performed by the application on messages with a certain status and configure tags to be added to messages based on the Anti-Virus scanning result. Before processing a message, the application saves a copy of it in Backup.
You can specify the maximum size of attachments to be scanned and determine the objects to be skipped during Anti-Virus scanning. Attachments in certain formats and with certain names can be excluded from the scan.
The Anti-Virus engine is enabled by default. If required, you can disable Anti-Virus module or disable Anti-Virus scanning for any rule.
About computer protection against certain legitimate applications
Legitimate applications are applications that may be installed and used on computers of users and are intended for performing user tasks. However, when exploited by intruders, legitimate applications of certain types can harm the user's computer and the corporate LAN. If intruders gain access to these applications, or if they plant them on the user's computer, some of their features can be used to compromise security.
These applications include IRC clients, auto-dialers, file downloaders, computer system activity monitors, password utilities, and Internet servers for FTP, HTTP, and Telnet.
Such applications are described in the table below.
Type |
Name |
Description |
|---|---|---|
Client-IRC |
Online chat clients |
Users install these applications to communicate with people in Internet Relay Chats. Intruders use them to spread malware. |
Dialer |
Auto-dialers |
They can establish phone connections over a modem in hidden mode. |
Downloader |
Downloader applications |
They can download files from web pages in hidden mode. |
Monitor |
Monitor applications |
They allow monitoring activity on the computer on which they are installed (seeing which applications are active and how they exchange data with applications that are installed on other computers). |
PSWTool |
Password restorers |
They allow viewing and restoring forgotten passwords. Intruders secretly plant them on computers for the same purpose. |
RemoteAdmin |
Remote administration programs |
They are widely used by system administrators. These programs allow obtaining access to the interface of a remote computer to monitor and manage it. Intruders secretly plant them on computers for the same purpose: to monitor and control computers. Legitimate remote administration applications differ from Backdoor-type Trojans for remote administration. Trojans have the ability to penetrate the operating system independently and install themselves; legitimate applications are unable to do so. |
Server-FTP |
FTP servers |
They function as FTP servers. Intruders plant them on computers to gain remote access to them via the FTP protocol. |
Server-Proxy |
Proxy servers |
They function as proxy servers. Intruders plant them on computers to send spam from them. |
Server-Telnet |
Telnet servers |
They function as Telnet servers. Intruders plant them on computer to gain remote access to them via the Telnet protocol. |
Server-Web |
Web servers |
They function as web servers. Intruders plant them on computers to gain remote access to them via the HTTP protocol. |
RiskTool |
Tools for managing a virtual machine |
They offer the user additional capabilities for managing the computer. The tools allow the user to hide files or windows of active applications and terminate active processes. |
NetTool |
Network tools |
They offer the user of the computer on which they are installed additional capabilities for interacting with other computers on the network. These tools allow restarting them, detecting open ports, and starting applications that are installed on the computers. |
Client-P2P |
P2P network clients |
They allow working on peer-to-peer networks. They can be used by intruders for spreading malware. |
Client-SMTP |
SMTP clients |
They send email messages without the user's knowledge. Intruders plant them on computers to send spam from them. |
WebToolbar |
Web toolbars |
They add toolbars to the interfaces of other applications to use search engines. |
FraudTool |
Pseudo-programs |
They pass themselves off as other programs. For example, there are pseudo-anti-virus programs which display messages about malware detection. However, in reality, they do not find or disinfect anything. |
About Anti-Virus protection status
Based on the results of scanning for viruses, the Anti-Virus engine assigns one of the following Anti-Virus scan statuses to messages:
- Clean (Clean message)– the object is not infected.
- Infected (Infected message)– the object is infected; either it cannot be disinfected, or disinfection has not been attempted.
- Disinfected (Disinfected message) – the object is disinfected.
- Probably infected (Probably infected message) – the object is probably infected with an unknown virus or a new modification of a known virus.
- Encrypted (Encrypted message) – the object cannot be scanned because it is encrypted.
- Corrupted (Corrupted message) – the object is corrupted or an error occurred during scanning.
Enabling and disabling Anti-Virus protection of messages
To enable or disable Anti-Virus protection of messages:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Virus section, do one of the following:
- Flip on the toggle switch next to the name of the Anti-Virus settings group to enable Anti-Virus scanning of messages.
- Flip off the toggle switch next to the name of the Anti-Virus settings group to disable Anti-Virus scanning of messages.
Enabling and disabling Anti-Virus scanning for a rule
You can enable or disable Anti-Virus scanning of messages for one or several rules. Anti-Virus scanning is enabled by default.
Before enabling or disabling Anti-Virus scanning of messages for a rule, make sure that Anti-Virus engine of Kaspersky Secure Mail Gateway is enabled.
To enable or disable Anti-Virus scanning of messages for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable Anti-Virus scanning of messages.
- Select the Authentication of Mail Sender section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Anti-Virus settings group to enable Anti-Virus scanning of messages for a rule.
- Flip off the toggle switch next to the name of the Anti-Virus settings group to disable Anti-Virus scanning of messages for a rule.
- Click the Apply button in the lower part of the workspace.
Configuring Anti-Virus engine settings
To configure Anti-Virus engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Virus section, click any link to open the Anti-Virus protection settings window.
- In the Protection and heuristic analysis settings group, select one of the following options in the Use KSN drop-down list:
- Yes — if you want to use KSN.
- No — if you do not want to use KSN.
- In the Protection and heuristic analysis settings group, select one of the following options in the Use heuristic analysis drop-down list:
- Yes — if you want to use Heuristic Analysis.
- No — if you do not want to use Heuristic Analysis.
- If you have enabled Heuristic Analyzer, in the Protection and heuristic analysis settings group in the Heuristic analysis level list select the level of heuristic analysis.
- In the Protection and heuristic analysis settings group, open the drop-down list I consider some legitimate applications that can be exploited by hackers, to be dangerous for the corporate LAN and select one of the following options:
- Yes if you believe that such applications can be exploited by criminals to harm the computer network of your organization.
- No if you do not believe that such applications can be exploited by criminals to harm the computer network of your organization.
Such legitimate applications include, for example, commercial remote administration utilities, IRC clients, dialers, file downloaders, computer system activity monitors, and password management utilities. Messages found to contain such applications are processed according to the rules for infected and probably infected objects.
- If your selection in the I consider some legitimate applications that can be exploited by hackers, to be dangerous for the corporate LAN list is Yes, select one of the following options in the Protection and heuristic analysis section in the Enable detection of some legitimate applications drop-down list:
- Yes if you want to enable detection of such applications by Kaspersky Secure Mail Gateway.
- No if you want to disable detection of such applications by Kaspersky Secure Mail Gateway.
- In the Performance settings group, in the Maximum scanning time field specify the maximum Anti-Virus scan time in seconds.
If the virus scan of a message does not finish within the time limit you specified, Kaspersky Secure Mail Gateway:
- Stops scanning the message (Skip action).
- Assigns Clean (Clean message) status to the message.
- Adds the
av-status="Clean"label to the message subject. - Delivers the message to the recipient.
- Adds the following entry to the /var/log/maillog event log:
<scan date and time> <Kaspersky Secure Mail Gateway host name>: not clean: message-id=<message ID>: relay-ip=<IP address of message recipient's computer>: action="Skipped": rules=<rule ID>: size=<message size>: mail-from=<message sender's email address>: rcpt-to=<message recipient's email address>: av-status="Clean", ap-status="Error", as-status="Error", ma-status="NotScanned, disabled by settings", cf-status="NotScanned, disabled by settings">
- In the Performance settings group, in the Maximum scanning level field specify the maximum scanning level for messages scanned by the Anti-Virus engine.
- Click the Apply button.
Setting default values for Anti-Virus engine settings
To set default values for Anti-Virus engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Virus section, click any link to open the Anti-Virus protection settings window.
- In the lower part of the Anti-Virus settings window, click the Set default values link.
- Click the Apply button.
Configuring actions on messages during Anti-Virus scanning
To configure the actions to be performed by Kaspersky Secure Mail Gateway on messages during Anti-Virus scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during Anti-Virus scanning.
- Select the Anti-Virus section.
- Flip on the toggle switch next to the name of the Anti-Virus settings group if it is off.
- In the If an infected or probably infected object is detected drop-down list, select one of the following actions to perform on infected or probably infected messages that pose a threat to the local area network of your organization:
- Disinfect
- Delete attachment.
- Delete message.
- Reject.
- Skip.
- If the value of the If an infected or probably infected object is detected setting is set to Disinfect, in the right part of the workspace in the If disinfection fails drop-down list select one of the following actions to be performed on infected or probably infected messages that could not be disinfected:
- Delete attachment.
- Delete message.
- Reject.
- If the value of the If an infected or probably infected object is detected is set to Disinfect, Delete attachment, or Delete message, you can configure message copies to be automatically saved in Backup before messages are processed. To do so, select the check box next to the Place copy in Backup setting name.
By default, the application places a message copy in Backup before performing the Disinfect, Delete attachment, or Delete message action.
- In the If scan errors detected drop-down list, select one of the following actions to take on messages that returned errors during scanning:
- Delete attachment.
- Delete message.
- Reject.
- Skip.
- In the If encrypted object is detected drop-down list, select one of the following actions to take on messages containing encrypted objects:
- Delete attachment.
- Delete message.
- Reject.
- Skip.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Virus scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring tags added to message subjects after Anti-Virus scanning
To configure tags that Kaspersky Secure Mail Gateway adds to the message subject after Anti-Virus scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure tags added to message subjects after Anti-Virus scanning.
- Select the Anti-Virus section.
- Flip on the toggle switch next to the name of the Anti-Virus settings group if it is off.
- Add a tag to the Subject field of infected messages. To do so, perform the following:
- In the If an infected or probably infected object is detected settings group, click the link on the right of the name of the Add the following text to the subject of an infected or probably infected email message setting to open the Tag for messages that contain malicious objects window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of infected or probably infected messages. For example, you can add the Infected tag.
- Click OK.
The Tag for messages that contain malicious objects window closes.
- Add a tag to the Subject field of disinfected messages. To do so, perform the following:
- In the If an infected or probably infected object is detected settings group, click the link on the right of the name of the Add the following text to the subject of a disinfected email message setting to open the Tag for messages that contain disinfected objects window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of disinfected messages. For example, you can add the Cured tag.
- Click OK.
The Tag for messages that contain disinfected objects window closes.
- Add a tag to the Subject field of messages with objects found to contain errors during scanning. To do so, perform the following:
- In the If scan errors detected settings group, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for messages with objects that cause scan errors window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages that returned scan errors. For example, you can add the Corrupted tag.
- Click OK.
The Tag for messages with objects that cause scan errors window closes.
- Add a tag to the Subject field of messages that contain encrypted objects. To do so, perform the following:
- In the If encrypted object is detected settings group, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for messages that contain encrypted objects window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages containing encrypted objects. For example, you can add the Encrypted tag.
- Click OK.
The Tag for messages that contain encrypted objects window closes.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Virus scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring Anti-Virus scan restrictions and exclusions
To configure restrictions and exclusions during Anti-Virus scanning for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure restrictions and exclusions from Anti-Virus scanning of messages.
- Select the Anti-Virus section.
- Flip on the toggle switch next to the name of the Anti-Virus settings group if it is off.
- If you want to exclude archives from Anti-Virus scanning, in the Exclusions from scanning settings group select the Do not scan archives check box.
- To exclude message attachments of a certain size from Anti-Virus scanning, do the following in the Exclusions from scanning settings group:
- Click the link on the right of the Do not scan objects larger than: setting to open the Attachment size scan limit window.
- In the field under the window name, enter the maximum size of objects to be scanned in the range from 0 KB to 1048576 KB (1 GB).
If the value is set to 0 KB, no restrictions apply to the size of objects.
- Click OK.
The Attachment size scan limit window closes.
- To exclude message attachments with certain names from Anti-Virus scanning, do the following in the Exclusions from scanning settings group:
- Click the link on the right of the name of the Do not scan attachments by name masks setting to open the Forbidden names window.
- In the field under the window name, enter the masks of names of attachments that you want to exclude from Anti-Virus scanning.
Masks can contain any symbols. Separate masks with the ";" symbol.
- Click OK.
The Forbidden names window closes.
- To exclude message attachments of a certain format from Anti-Virus scanning, do the following in the Exclusions from scanning settings group:
- Click the link on the right of the name of the Do not scan attachments by file types setting to open the Forbidden attachment types window.
- Select check boxes next to the formats of attachments that you want to exclude from Anti-Virus scanning.
- Click the Close button.
The Forbidden attachment types window closes.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Virus scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Anti-Spam protection
This section contains information about Anti-Spam protection of messages and how to configure it.
About Anti-Spam protection
Kaspersky Secure Mail Gateway filters messages passing through the mail server to remove unsolicited mail (spam).
Messages are scanned for spam by the Anti-Spam engine. Anti-Spam engine scans each message for signs of spam. First, Anti-Spam engine scans the attributes of the message, such as sender and recipient addresses, size, and headers (including the From and To fields). Second, Anti-Spam engine analyzes the message content (including the Subject header) and attached files. Anti-Spam engine is enabled by default. If required, you can disable the Anti-Spam engine or disable Anti-Spam scanning for any rule. You can also limit the size of messages to be scanned for spam.
Depending on the sensitivity level, the application assigns messages in which spam or probable spam has been detected the specific statuses in accordance with the spam rating calculated by Anti-Spam. Spam rating is a whole number from 0 to 100 that reflects the number of times Anti-Spam engine was actuated in processing the message. The application also takes into account the responses from the DNSBL, SURBL and UDS servers, SPF technology, and results of reputation filtering to assign the spam rating to messages.
Reputation filtering is a cloud service that uses a technology that determines the reputation of messages. Information about new kinds of spam appears in the cloud service sooner than in Anti-Spam module databases, making it possible to improve the speed and accuracy of spam detection.
Depending on the status assigned, the application performs actions in accordance with the message processing rule settings. You can select actions to be performed by the application on messages with a certain status and configure tags to be added to messages based on the Anti-Spam scanning result. The default action performed on messages is Skip.
Anti-Spam functionality can be configured by editing the settings file for the Anti-Spam engine. In the settings file, you can change, for example, statuses of Anti-Spam scanning of messages or the level of detail of email message information recorded in the Kaspersky Secure Mail Gateway event log.
The settings file of the Anti-Spam engine can be accessed from the Kaspersky Secure Mail Gateway Administration Console in Technical Support Mode with super-user account privileges.
About Anti-Spam message scan status labels
Based on the results of scanning for spam, the Anti-Spam engine assigns one of the following Anti-Spam scan statuses to messages:
- Clean (Not Spam) – the message contains no spam.
- Spam – the application unambiguously recognizes the message as spam.
- Probable Spam – the message may contain spam.
- Blacklisted – the sender's email address is on the global or custom black list of addresses, or the host IP address or DNS name are on the DNSBL black list.
- Massmail – the message belongs to a mass mailing campaign.
- Scan Error – message scanning returned an error.
Enabling and disabling Anti-Spam protection of messages
To enable or disable Anti-Spam protection of messages:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, do one of the following:
- Flip on the toggle switch next to the name of the Anti-Spam settings group to enable Anti-Spam protection of messages.
- Flip off the toggle switch next to the name of the Anti-Spam settings group to disable Anti-Spam protection of messages.
Enabling and disabling Anti-Spam scanning of messages for a rule
You can enable or disable Anti-Spam scanning of messages for one or several rules. Anti-Spam scanning of messages is enabled by default.
Before enabling or disabling Anti-Spam scanning of messages for a rule, make sure that Anti-Spam engine of Kaspersky Secure Mail Gateway is enabled.
To enable or disable Anti-Spam scanning of messages for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable Anti-Spam scanning of messages.
- Select the Anti-Spam section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Anti-Spam settings group to enable Anti-Spam scanning of messages for a rule.
- Flip off the toggle switch next to the name of the Anti-Spam settings group to disable Anti-Spam scanning of messages for a rule.
- Click the Apply button in the lower part of the workspace.
Configuring Anti-Spam engine settings
To configure the Anti-Spam engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click any of the following links: Use KSN, Use enforced Anti-Spam Updates Service, Use reputation filtering, or Maximum scanning time to open the Anti-Spam settings window.
- In the External services settings group, select one of the following options in the Use KSN drop-down list:
- Yes — if you want to use KSN.
- No — if you do not want to use KSN.
- In the External services settings group, select one of the following options in the Use enforced Anti-Spam Updates Service drop-down list:
- Yes — if you want to use enforced Anti-Spam Updates Service.
- No — if you do not want to use enforced Anti-Spam Updates Service.
- In the External services settings group, select one of the following options in the Use reputation filtering drop-down list:
- Yes — if you want to use the reputation filtering service.
- No — if you do not want to use the reputation filtering service.
- In the Performance settings group, in the Maximum scanning time field specify the maximum Anti-Spam scan time in seconds.
If Anti-Spam scanning of a message does not finish within the time limit you specified, Kaspersky Secure Mail Gateway:
- Stops scanning the message (Skip action).
- Assigns Error (Scan error) status to the message.
- Adds the
as-status="Error"label to the message subject. - Delivers the message to the recipient.
- Adds the following entry to the /var/log/maillog event log:
<scan date and time> <Kaspersky Secure Mail Gateway host name>: not clean: message-id=<message ID>: relay-ip=<IP address of message recipient's computer>: action="Skipped": rules=<rule ID>: size=<message size>: mail-from=<message sender's email address>: rcpt-to=<message recipient's email address>: av-status="Clean", ap-status="Error", as-status="Error", ma-status="NotScanned, disabled by settings", cf-status="NotScanned, disabled by settings">
- Click the Apply button.
Setting default values for Anti-Spam engine settings
To set default values for Anti-Spam engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click any of the following links: Use KSN, Use enforced Anti-Spam Updates Service, Use reputation filtering, or Maximum scanning time to open the Anti-Spam settings window.
- In the lower part of the Anti-Spam settings window, click the Set default values link.
- Click the Apply button.
Configuring the custom DNSBL list for the Anti-Spam engine
You can create a custom list of DNSBL servers to improve the accuracy of spam detection. DNSBL servers stores lists of IP addresses that were previously detected as sources of spam and to which the Anti-Spam engine assigns a spam rating and one of the Anti-Spam message scan status labels.
To create the custom DNSBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom DNSBL list link to open the Custom DNSBL list window.
- In the field under the window name, type DNS names or IP addresses into the DNSBL list.
You can use only these symbols: a–z, A–Z, 0–9, "-" and ".", and the "-" symbol must not come last. For example, you can add the sender's DNS name dns-bl.example.com or the sender's IP address 10.0.0.1 to the list.
Separate the addresses with the ";" symbol.
- Click the Apply button.
To view the custom DNSBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom DNSBL list link to open the Custom DNSBL list window.
- Click the Apply or Cancel button after you finish managing the list.
The Custom DNSBL list window closes.
To remove an entry from the custom DNSBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom DNSBL list link to open the Custom DNSBL list window.
- In the field under the window name, select one or several accounts that you want to delete.
- Press the Delete key.
- Click the Apply button.
Configuring the custom SURBL list for the Anti-Spam engine
You can create a custom list of SURBL servers to improve the accuracy of spam detection. SURBL servers store lists of web addresses that were previously detected in the subject or body of messages recognized as spam and to which the Anti-Spam engine assigns a spam rating and one of the Anti-Spam message scan status labels.
To create the custom SURBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom SURBL list link to open the Custom SURBL list window.
- In the field under the window name, type DNS names or IP addresses into the SURBL list.
You can use only these symbols: a–z, A–Z, 0–9, "-" and ".", and the "-" symbol must not come last. For example, you can add the DNS name dns-bl.example.com or the IP address 10.0.0.1 to the list.
Separate the addresses with the ";" symbol.
- Click the Apply button.
To view the custom SURBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom SURBL list link to open the Custom SURBL list window.
- Click the Apply or Cancel button after you finish managing the list.
The Custom SURBL list window closes.
To remove an entry from the custom SURBL list of the Anti-Spam engine:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Spam section, click the Custom SURBL list link to open the Custom SURBL list window.
- In the field under the window name, select one or several accounts that you want to delete.
- Press the Delete key.
- Click the Apply button.
Configuring Anti-Spam scan settings for a rule
You can configure the settings of the Anti-Spam engine for one or several rules.
To configure the settings of the Anti-Spam engine for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure the Anti-Spam engine settings.
- Select the Anti-Spam section.
- Flip on the toggle switch next to the name of the Anti-Spam settings group if it is off.
- In the General settings section, select check boxes next to the names of the general settings that you want to enable:
- Use graphical image processing technologies — if you want to use GSG technology that identifies images containing text in order to determine whether such text is spam. The text is recognized regardless of whether it has been modified, rotated in the image, hidden behind "noise" or otherwise modified to conceal the purpose of the image.
- Scan RTF attachments — if you want the Anti-Spam engine to scan all message attachments in RTF format.
- In the Scan using external services settings group, select check boxes next to the names of settings that control usage of external services you want to enable:
- Use provided DNSBL list if you want the Anti-Spam engine to check senders' addresses against the Kaspersky Lab-provided list of addresses previously detected as spam sources.
- Use custom DNSBL list, if you want the Anti-Spam module to check if the senders' addresses are listed on DNSBL servers specified in the custom DNSBL list.
You can view the custom DNSBL list by clicking the custom link in the name of the Use custom DNSBL list setting.
- Use provided SURBL list if you want the Anti-Spam engine to scan the message subject and body for web addresses appearing in the Kaspersky Lab-provided list of addresses that were previously detected in the subject or body of messages categorized as spam.
- Use custom SURBL list, if you want the Anti-Spam module to check if web addresses present in the message subject and body are listed on SURBL servers specified in the custom SURBL list.
You can view the custom SURBL list by clicking the custom link in the name of the Use custom SURBL list setting.
- In the Raise spam rating if settings group, select check boxes next to the names of languages and fonts that, when used in the message, increase the spam rating of the message:
- Message written in Chinese — if you want the Anti-Spam engine to increase the spam rating of messages written in Chinese.
- Message written in Japanese — if you want the Anti-Spam engine to increase the spam rating of messages written in Japanese.
- Message written in Korean — if you want the Anti-Spam engine to increase the spam rating of messages written in Korean.
- Message written in Thai — if you want the Anti-Spam engine to increase the spam rating of messages written in Thai.
- Message uses Cyrillic script — if you want the Anti-Spam engine to increase the spam rating of messages written using the Cyrillic script.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Spam scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring Anti-Spam scan actions on messages
To configure the actions to be performed by Kaspersky Secure Mail Gateway on messages during Anti-Spam scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during Anti-Spam scanning.
- Select the Anti-Spam section.
- Flip on the toggle switch next to the name of the Anti-Spam settings group if it is off.
- In the If spam is detected drop-down list, select one of the following actions to take on messages containing spam:
- Delete message.
- Reject.
- Skip.
- In the If probable spam is detected drop-down list, select one of the following actions to take on messages containing probable spam:
- Delete message.
- Reject.
- Skip.
- In the If mail sender's address is blacklisted by DNSBL drop-down list, select one of the following actions to take on messages whose sender has been detected in the DNSBL list and that has been assigned Blacklisted status:
- Delete message.
- Reject.
- Skip.
- In the If mass mailing is detected drop-down list, select one of the following actions to take on messages found to contain mass mailing:
- Delete message.
- Reject.
- Skip.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Spam scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring tags added to message subjects after Anti-Spam scanning
To configure tags that Kaspersky Secure Mail Gateway to the message subject after Anti-Spam scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure tags added to message subjects after Anti-Spam scanning.
- Select the Anti-Spam section.
- Flip on the toggle switch next to the name of the Anti-Spam settings group if it is off.
- Add a tag to the Subject field of messages that contain spam. To do so, perform the following:
- In the If spam is detected settings group, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for spam messages window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages containing spam. For example, you can add the Spam tag.
- Click OK.
The Tag for spam messages window closes.
- Add a tag to the Subject field of messages that contain probable spam. To do so, perform the following:
- In the If probable spam is detected settings group, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for probable spam messages window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of probable spam messages. For example, you can add the Probable spam tag.
- Click OK.
The Tag for probable spam messages window closes.
- Add a tag to the Subject field for messages whose sender has been detected in the DNSBL list and assigned Blacklisted status. To do so, perform the following:
- In the If mail sender's address is blacklisted by DNSBL setting section, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for messages blacklisted by DNSBL window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages from blacklisted senders. For example, you can add the Blacklisted tag.
- Click OK.
The Tag for messages blacklisted by DNSBL window closes.
- Add a tag to the Subject field of messages that contain mass mailing. To do so, perform the following:
- In the If mass mailing is detected settings group, click the link on the right of the name of the Add the following text to subject of email message setting to open the Tag for mass mailing window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages found to contain mass mailing. For example, you can add the MassMail tag.
- Click OK.
The Tag for mass mailing window closes.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Spam scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Anti-Phishing protection
This section contains information about Anti-Phishing protection of messages and how to configure it.
About Anti-Phishing protection
Kaspersky Secure Mail Gateway filters out phishing threats and links to websites with malware from messages passing through the mail server. Phishing applies to messages with phishing web addresses, containing images or text that could trick users into disclosing confidential data to fraudsters.
The Anti-Phishing engine scans messages for phishing threats and links to websites with malware. The Anti-Phishing engine analyzes the message content (including the Subject header) and attached files.
Based on the Anti-Phishing scan results, the application assigns the message one of the Anti-Phishing scan statuses and adds a status tag at the beginning of the message subject (Subject field). You can configure the message status tag in the rule settings.
Depending on the status assigned, the application performs actions in accordance with the message processing rule settings. You can specify actions to be performed by the application on messages with a certain status. The default action taken by the application on messages is Skip, with messages delivered to users unchanged.
The Anti-Phishing engine is enabled by default. If required, you can disable the Anti-Phishing engine or disable Anti-Phishing scanning of messages for any rule.
About Anti-Phishing message scan status labels
Based on the Anti-Phishing scan results, the Anti-Phishing engine assigns one of the following status labels to the message:
- Clean (Not Phishing) – the message does not contain phishing URLs, images or text that could trick users into disclosing confidential data to fraudsters, or links to websites with malware.
- Phishing – the application has found the message to contain images or text that could trick users into disclosing confidential data to fraudsters.
- Malicious link – the application has found the message to contain links to websites with malware.
- Scan Error – message scanning returned an error.
Enabling and disabling Anti-Phishing protection of messages
To enable or disable Anti-Phishing protection of messages:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Phishing section, do one of the following:
- Flip on the toggle switch next to the name of the Anti-Phishing settings group to enable Anti-Phishing protection of messages.
- Flip off the toggle switch next to the name of the Anti-Phishing settings group to disable Anti-Phishing protection of messages.
Enabling and disabling Anti-Phishing scanning of messages for a rule
You can enable or disable Anti-Phishing scanning of messages for one or several rules. Anti-Phishing scanning of messages is enabled by default.
Before enabling or disabling Anti-Phishing scanning of messages for a rule, make sure that Anti-Phishing engine of Kaspersky Secure Mail Gateway is enabled.
To enable or disable Anti-Phishing scanning of messages for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable Anti-Phishing scanning of messages.
- Select the Anti-Phishing section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Anti-Phishing settings group to enable Anti-Phishing scanning of messages for a rule.
- Flip off the toggle switch next to the name of the Anti-Phishing settings group to disable Anti-Phishing scanning of messages for a rule.
- Click the Apply button in the lower part of the workspace.
Configuring Anti-Phishing engine settings
To configure the Anti-Phishing engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Phishing section, click any link to open the Anti-Phishing settings window.
- Select one of the following options in the Use KSN drop-down list:
- Yes — if you want to use KSN.
- No — if you do not want to use KSN.
- Select one of the following options in the Use heuristic Anti-Phishing drop-down list:
- Yes — if you want to use Heuristic Anti-Phishing.
- No — if you do not want to use Heuristic Anti-Phishing.
- In the Maximum scanning time field, specify the maximum duration of Anti-Phishing scanning of a message in seconds.
If Anti-Phishing scanning of a message does not finish within the time limit you specified, Kaspersky Secure Mail Gateway:
- Stops scanning the message (Skip action).
- Assigns Error (Scan error) status to the message.
- Adds the
ap-status="Error"label to the message subject. - Delivers the message to the recipient.
- Adds the following entry to the /var/log/maillog event log:
<scan date and time> <Kaspersky Secure Mail Gateway host name>: not clean: message-id=<message ID>: relay-ip=<IP address of message recipient's computer>: action="Skipped": rules=<rule ID>: size=<message size>: mail-from=<message sender's email address>: rcpt-to=<message recipient's email address>: av-status="Clean", ap-status="Error", as-status="Error", ma-status="NotScanned, disabled by settings", cf-status="NotScanned, disabled by settings">
- Select one of the following options in the Use KSN drop-down list:
- Yes — if you want to use KSN.
- No — if you do not want to use KSN.
- Click the Apply button.
Setting default values for Anti-Phishing engine settings
To set default values for Anti-Phishing engine settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Anti-Phishing section, click any link to open the Anti-Phishing settings window.
- In the lower part of the Anti-Phishing settings window, click the Set default values link.
- Click the Apply button.
Configuring Anti-Phishing scan actions on messages
To configure the actions to be performed by Kaspersky Secure Mail Gateway on messages during Anti-Phishing scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during Anti-Phishing scanning.
- Select the Anti-Phishing section.
- Flip on the toggle switch next to the name of the Anti-Phishing settings group if it is off.
- In the If phishing threats or URLs of websites with malware are detected drop-down list, select one of the following actions to be performed on messages with phishing threats and messages containing links to web resources with malware:
- Delete message.
- Reject.
- Skip.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Phishing scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring tags added to message subjects after Anti-Phishing scanning
To configure tags that Kaspersky Secure Mail Gateway adds to the message subject after Anti-Phishing scanning:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure tags added to message subjects after Anti-Phishing scanning.
- Select the Anti-Phishing section.
- Flip on the toggle switch next to the name of the Anti-Phishing settings group if it is off.
- Add a tag to the Subject field of messages that contain phishing threats. To do so, perform the following:
- In the If phishing threats or URLs of websites with malware are detected settings group, click the link on the right of the Add the following text to the subject of a phishing message setting to open the Tag for messages with phishing threats window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages containing phishing threats. For example, you can add the Phishing tag.
- Click OK.
The Tag for messages with phishing threats window closes.
- Add a tag to the Subject field of messages containing links to web resources with malware. To do so, perform the following:
- In the If phishing threats or URLs of websites with malware are detected settings group, click the link on the right of the Add the following text to the subject of a message containing the URL of a website with malware setting to open the Tag for messages found to contain URLs of websites with malware window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the subject of messages containing links to web resources with malware. For example, you can add the Malicious Link tag.
- Click OK.
The Tag for messages found to contain URLs of websites with malware closes.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that Anti-Phishing scanning of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Content filtering of messages
This section contains information about content filtering of messages and how to configure it.
About content filtering
Kaspersky Secure Mail Gateway can perform content filtering of messages that pass through the mail server. You can restrict transmission of messages with specific parameters by the mail server.
Content filtering of messages is performed according to one of the following parameters:
- Message size
- Masks of attachment names
- Attachment formats
As a result of content filtering, Scan Logic assigns messages one of the following statuses:
Depending on the status assigned, the application performs actions in accordance with the message processing rule settings. You can specify actions to be performed by the application on messages with a certain status. The default action performed on messages is Reject.
About message content filtering status labels
As a result of content filtering, the Scan Logic message scanning control module assigns one of the following content filtering statuses to messages:
- Clean – the message has not been found to contain any violations of restrictions specified in content filtering settings.
- Banned Attachment Name – the message contains an attachment with a banned name.
- Banned Attachment Type – the message contains an attachment having a banned file format.
- Message Size Exceeded – the message exceeds the maximum allowed size.
Enabling and disabling content filtering of messages
To enable or disable content filtering of messages:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Content filtering section, do one of the following:
- Flip on the toggle switch next to the name of the Content filtering section to enable content filtering of messages.
- Flip off the toggle switch next to the name of the Content filtering section to disable content filtering of messages.
Enabling and disabling content filtering of messages for a rule
You can enable or disable content filtering of messages for one or several rules. By default, content filtering of messages is disabled.
Before enabling or disabling content filtering of messages for a rule, make sure that content filtering in Kaspersky Secure Mail Gateway is enabled.
To enable or disable content filtering of messages for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable content filtering of messages.
- Select the Content filtering section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Content filtering settings group to enable content filtering of messages for a rule.
- Flip off the toggle switch next to the name of the Content filtering settings group to disable content filtering of messages for a rule.
- Click the Apply button in the lower part of the workspace.
Configuring settings of message content filtering for a rule
To configure message content filtering settings for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the rules list, click the name of the rule to open the rule for which you want to configure the message content filtering settings.
- Select the Content filtering section.
- Flip on the toggle switch next to the name of the Content filtering settings group if it is off.
- To restrict transmission of messages containing attachments of a certain size:
- In the If the allowed message size is exceeded settings group, click the Message size limit link to open the Attachment size scan limit window.
- In the field under the window name, enter the maximum size of objects in the range from 0 KB to 1048576 KB (1 GB).
If the value is set to 0 KB, no restrictions apply to the size of objects.
- Click OK.
The Attachment size scan limit window closes.
- To restrict transmission of messages containing attachments of a certain format:
- In the If attachment type is forbidden settings group, click the link on the right of the Forbidden formats of attachments setting to open the Forbidden attachment types window.
- Select check boxes next to the formats of attachments the transmission of which you want to restrict.
You can restrict transmission of messages with the following attachments:
- Executable files (e.g., EXE; DLL; OCX)
- Document files (e.g., DOC; XLS; PDF; PPT)
- Multimedia files (e.g., AVI; WMV; MP3)
- Graphic files (e.g., JPG; BMP; WMF)
- Archives (e.g., ZIP; RAR; TGZ)
- Databases (e.g., ACCDB; ACCDC; MDB)
- Other files (e.g., TXT; CHM; HTM)
- Click the Close button.
The Forbidden attachment types window closes.
- To restrict transmission of messages containing attachments with specific names:
- In the If attachment name is forbidden settings group, click the link on the right of the Forbidden names of attachments setting to open the Forbidden names window.
- In the field under the window name, enter the masks of names of attachments the transmission of which you want to restrict.
Masks can contain any symbols. Separate masks with the ";" symbol.
For example, you can enter the
*.exename mask to restrict transmission of messages that include attachments with the exe extension. - Click OK.
The Forbidden names window closes.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that content filtering of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Configuring actions to take on messages during content filtering
To configure the actions to be performed by Kaspersky Secure Mail Gateway on messages during content filtering:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during content filtering.
- Select the Content filtering section.
- Flip on the toggle switch next to the name of the Content filtering settings group if it is off.
- In the If the allowed message size is exceeded drop-down list, select one of the following actions to be performed on messages containing attachments whose size exceeds the limit:
- Delete message.
- Reject.
- Skip.
- In the If attachment type is forbidden drop-down list, select one of the following actions to be taken on messages containing attachments of a forbidden format:
- Delete message.
- Delete attachment.
- Reject.
- Skip.
- In the If attachment name is forbidden drop-down list, select one of the following actions to be taken on messages containing attachments with forbidden names:
- Delete message.
- Delete attachment.
- Reject.
- Skip.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that content filtering of messages is enabled for the rule and the rule for which you have configured settings is enabled.
Using message processing rules
This section contains information about message processing rules, information on how to configure rule settings and configure Kaspersky Secure Mail Gateway settings for each message processing rule.
About message processing rules
A message processing rule (hereinafter also "the rule") is a specific multitude of pairs of addresses of senders and recipients whose email messages are processed by Kaspersky Secure Mail Gateway by applying the same values of settings. For a rule to be assigned to an email message, the addresses of the sender and recipient must be specified in the rule settings.
By default, the application contains the following preset message processing rules:
- WhiteList – process messages from the white list.
- BlackList – process messages from the black list.
- Default – process messages according to settings predefined by Kaspersky Lab.
When processing an email message, Kaspersky Secure Mail Gateway checks each rule for the sender-recipient pair of addresses beginning with the highest-priority rule (1). If no match is found, Kaspersky Secure Mail Gateway checks the pair of addresses of the rule with the next highest priority (2). As soon as it finds the sender - recipient" pair of addresses in any rule, the application applies the processing settings configured in that rule to the message.
If none of the rules contains the "sender - recipient" pair of addresses, the message is processed according to the preset settings of the Default rule.
You can customize the settings of each message processing rule.
Creating message processing rules
To create a message processing rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- Click the Create button in the upper part of the workspace.
A new message processing rule opens.
- Select the General rule settings section.
- In the Rule name (required) field, enter the name of the new rule.
The rule must have a unique name in the list of Kaspersky Secure Mail Gateway rules.
- In the Rule description field, enter the rule description.
- In the Rule type settings group, select one of the following message processing options:
- Use the settings of scan modules—if you want the application to process messages according to this rule using the settings of the Anti-Spam, Anti-Phishing, and Anti-Virus engines and content filtering settings configured for this rule.
The following settings groups are displayed in the lower part of the workspace (if they were hidden previously). You can use them to configure Kaspersky Secure Mail Gateway settings for a rule:
- Reject without scanning — if you want the application to reject the message without scanning when processing the message according to this rule.
- Exempt from scanning — if you want the application to deliver the message to recipients without scanning when processing the message according to this rule.
The Email disclaimer section is displayed in the lower part of the workspace, in which you can configure disclaimers for messages processed according to this rule.
- Use the settings of scan modules—if you want the application to process messages according to this rule using the settings of the Anti-Spam, Anti-Phishing, and Anti-Virus engines and content filtering settings configured for this rule.
- Click the Create button in the lower part of the workspace.
The rule is created and added to the list of rules in the Rules section.
In order for a rule to be used by Kaspersky Secure Mail Gateway, you have to configure the list of message senders and the list of message recipients for this rule.
You can also create a rule by copying an existing rule or editing its settings.
By default, the rule is assigned the highest priority of all previously created rules. You can change the rule priority level.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled. By default, the new rule is disabled and not used during operation of the application.
Creating a copy of a message processing rule
To create a copy of a message processing rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- Select the check box in the line with the name of the rule that you want to copy.
- Click the Export button in the upper part of the workspace.
- In the General rule settings section, edit the rule name in the Rule name (required) field.
The rule must have a unique name in the list of Kaspersky Secure Mail Gateway rules.
- Click the Create button in the lower part of the workspace.
A copy of the rule is created and added to the list of rules in the Rules section.
You can edit the rule description, rule settings, and Kaspersky Secure Mail Gateway settings for this rule.
By default, the rule is assigned the highest priority of all previously created rules. You can change the rule priority level.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled. By default, the new rule is disabled and not used during operation of the application.
Configuring lists of message senders and recipients for a rule
In order for a rule to be used by Kaspersky Secure Mail Gateway, you have to configure the lists of message senders and recipients for this rule.
You can configure lists of message senders and recipients as follows:
- Create lists of message senders and recipients. You can add IP addresses of message senders and email addresses and LDAP accounts of message senders and recipients to lists.
- Copy addresses from lists of message senders and recipients to clipboard and paste addresses from clipboard into lists of message senders and recipients.
- Remove addresses from lists of message senders and recipients. You can remove individual addresses from lists, clear the lists of message senders and recipients, and also remove LDAP accounts from the List of senders' LDAP accounts and the List of recipients' LDAP accounts in the process of configuring lists of message senders and recipients.
Adding email addresses
To add email addresses to lists of message senders and recipients:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list to which you want to add email addresses:
- Senders — if you want to add email addresses to the list of message senders.
- Recipients — if you want to add email addresses to the list of message recipients.
- Under the list name, click the button with the icon corresponding to the type of the sender's or recipient's address, and select Email addresses in the context menu of the button.
- Type the email address in the field to the right of the Email addresses icon.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
Once added, the email address appears in the list you have selected with the Email addresses icon.
- To undo the last action, click the Undo last link under the list you have selected.
- After adding all email addresses to the list, click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Adding IP addresses
You can add IP addresses only to the list of message senders. IP addresses cannot be added to the list of message recipients.
To add IP addresses to the list of message senders:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the Senders list.
- Under the list name, click the button with the icon corresponding to the type of the sender's address, and select IP addresses in the context menu of the button.
- In the field on the right of the IP addresses icon, enter the IP address of the message sender.
IP addresses should be entered one at a time. Repeat the process of adding addresses to the list for all IP addresses that you are adding.
You can enter an IPv4 address (for example: 192.0.0.1 or 192.0.0.0/16), an IPv6 address (for example: 2607:f0d0:1002:51::4), or subnet address in CIDR format (for example: fc00::/7).
- Click the Add button to the right of the entry field.
The IP address you have added appears in the list of message senders with the IP addresses icon.
- To undo the last action, click the Undo last link under the list of message senders.
- After adding all IP addresses to the list, click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Adding LDAP accounts
To add LDAP accounts to lists of message senders and recipients:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list to which you want to add LDAP accounts:
- Senders — if you want to add LDAP accounts to the list of message senders.
- Recipients — if you want to add LDAP accounts to the list of message recipients.
- Under the list name, click the button with the icon corresponding to the type of the sender's or recipient's address, and select LDAP accounts in the context menu of the button.
- Click the Find button on the right of the entry field.
This opens a window depending on the list to which you are adding LDAP accounts:
- Edit the list of senders for rule — if you are adding LDAP accounts to the list of message senders.
- Edit the list of recipients for rule — if you are adding LDAP accounts to the list of message recipients.
- In the window that opens, in the Sender's LDAP account field type a search query to search for accounts in the external directory service.
- Click the Find button on the right of the entry field.
The list of accounts that have been found is displayed in the field under the Find button.
- Select the LDAP accounts that you want to add to the list of message senders or recipients.
You can select several LDAP accounts.
- Click the Add to list button under the list.
The selected accounts are displayed in a list:
- List of senders' LDAP accounts — if you are adding LDAP accounts to the list of message senders.
- List of recipients' LDAP accounts — if you are adding LDAP accounts to the list of message recipients.
- Click OK in the lower part of the window:
- Edit the list of senders for rule — if you are adding LDAP accounts to the list of message senders.
- Edit the list of recipients for rule — if you are adding LDAP accounts to the list of message recipients.
The window in which you added LDAP accounts closes.
The LDAP accounts that you have added appear in the list of addresses with the LDAP accounts icon.
- To undo the last action, click the Undo last link under the list of addresses.
- Click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Removing LDAP accounts from the list of LDAP accounts
You can remove LDAP accounts from lists of senders and recipients in message processing rules and also from lists of LDAP accounts in the Edit list of senders for rule and Edit list of recipients for rule windows while configuring lists of message senders and recipients for a rule.
To remove LDAP accounts from lists of LDAP accounts:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list in which you want to manage LDAP accounts:
- Senders — to manage LDAP accounts of message senders.
- Recipients — to manage LDAP accounts of message recipients.
- Under the list name, click the button with the icon corresponding to the type of the sender's or recipient's address, and select LDAP accounts in the context menu of the button.
- Click the Find button on the right of the entry field.
This opens a window depending on the list in which you are managing LDAP accounts:
- Edit the list of senders for rule — if you are managing LDAP accounts in the list of message senders.
- Edit the list of recipients for rule — if you are managing LDAP accounts in the list of message recipients.
- In the lower part of the window, select the LDAP accounts that you want to remove from the list:
- List of senders' LDAP accounts — if you are removing LDAP accounts from the list of message senders.
- List of recipients' LDAP accounts — if you are removing LDAP accounts from the list of message recipients.
You can select several LDAP accounts.
- Click the Delete from list button under the list.
The selected accounts are removed from the selected list.
- Click OK in the lower part of the window:
- Edit the list of senders for rule — if you are removing LDAP accounts from the list of message senders.
- Edit the list of recipients for rule — if you are removing LDAP accounts from the list of message recipients.
The window in which you deleted LDAP accounts closes.
The deleted LDAP accounts are also removed from the list of addresses of message senders or recipients for the rule you selected.
- To undo the last action, click the Undo last link under the list of addresses.
- Click the Apply button in the lower part of the workspace.
Changes made to the list of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Copying and pasting addresses
To copy an address from the list of senders or recipients in a message processing rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders or recipients.
- Select the General rule settings section.
- Select the list from which you want to copy addresses to clipboard:
- Senders — if you want to copy addresses from the list of message senders.
- Recipients — if you want to copy addresses from the list of message recipients.
- Click the link under the selected list to open the Export entries to clipboard window.
- In the Select type list, select the type of addresses that you want to copy:
- Email addresses — if you want to copy email addresses.
- IP addresses — if you want to copy IP addresses (only from the list of message senders).
- LDAP accounts — if you want to copy LDAP accounts.
A list of addresses of the selected type appears in the field under the list of address types.
- Select the addresses you want to copy.
- Copy the addresses to clipboard.
- In the lower part of the Export entries to clipboard window, click Cancel.
The Export entries to clipboard window closes.
To paste addresses from clipboard to the list of message senders or recipients in a message processing rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list into which you want to paste addresses from clipboard:
- Senders — if you want to paste addresses from clipboard into the list of message senders.
- Recipients — if you want to paste addresses from clipboard into the list of message recipients.
- Click the link under the selected list to open the Import records from clipboard window.
- In the Select type list, select the type of addresses that you want to past from clipboard:
- Email addresses — if you want to paste email addresses.
- IP addresses — if you want to paste IP addresses (only from the list of message senders).
- LDAP accounts — if you want to paste LDAP accounts.
- Paste addresses from clipboard into the field under the list of address types.
- In the lower part of the Export entries to clipboard window, click Import.
The Import records from clipboard window closes.
The addresses you have added appear in the list of message senders or recipients with icons corresponding to the types of addresses.
To undo the last action, click the Undo last link under the list of message senders or recipients.
- Click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Deleting addresses
You can remove individual addresses from the lists of senders or recipients or clear the lists of senders and recipients in a message processing rule.
To remove addresses from the list of senders or recipients:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list from which you want to remove addresses:
- Senders — if you want to remove addresses from the list of message senders.
- Recipients — if you want to remove addresses from the list of message recipients.
- In the list, select the address that you want to remove.
- Click the removal icon on the right of the address that you want to remove.
The address is removed from the list of message senders or recipients.
- To undo the last action, click the Undo last link under the list of message senders or recipients.
- Click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
To clear the list of senders or recipients:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to manage the list of message senders and recipients.
- Select the General rule settings section.
- Select the list from which you want to remove all addresses:
- Senders — if you want to clear the list of message senders.
- Recipients — if you want to clear the list of message recipients.
- Click the link under the selected list to open the action confirmation window:
- Clear list of senders? — if you want to clear the list of message senders.
- Clear the list of recipients? — if you want to clear the list of message recipients.
- Click Yes.
The action confirmation window closes.
All addresses are removed from the list of message senders or recipients.
- To undo the last action, click the Undo last link under the list of message senders or recipients.
- Click the Apply button in the lower part of the workspace.
Changes made to the lists of message senders or recipients are saved in the message processing rule that you are configuring.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
Deleting message processing rules
To delete message processing rules:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- Select the check box in the lines with the names of one or several rules that you want to delete.
- Click the Delete button in the upper part of the workspace.
The selected message processing rules are deleted.
Enabling and disabling a message processing rule
To enable or disable a message processing rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- Do one of the following:
- Flip on the toggle switch in the line with the name of the rule that you want to enable.
- Flip off the toggle switch in the line with the name of the rule that you want to disable.
Changing the message processing rule priority
To change the message processing rule priority:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- Select the check box in the line with the name of the rule whose priority you want to change.
- Click one of the following buttons in the upper part of the workspace:
- Move Up — if you want to raise the priority of the rule by one level.
The rule is moved one level up in the list of rules.
Click the Move Up button as many times as you want to raise the priority of the rule.
- Move Down — if you want to lower the priority of the rule by one level.
The rule is moved one level down in the list of rules.
Click the Move Down button as many times as you want to lower the priority of the rule.
- Move Up — if you want to raise the priority of the rule by one level.
Connecting to an LDAP server
This section describes how you can connect Kaspersky Secure Mail Gateway to an LDAP server and configure the LDAP server connection settings and filters.
About the connection to an LDAP server
Kaspersky Secure Mail Gateway can connect to servers of external directory services used by your organization via the LDAP protocol.
A directory service is a software system that can store information about network resources (such as users) in one place and provides centralized management capabilities.
LDAP stands for Lightweight Directory Access Protocol for accessing directory services.
A connection to an external directory service via the LDAP protocol enables the Kaspersky Secure Mail Gateway administrator to perform the following tasks:
- Add senders or recipients from an external directory service to message processing rules.
- Create, edit, and view custom black and white lists of addresses of users on the LAN of the organization.
- View Backup copies of messages of users on the LAN of the organization.
Connecting to and disconnecting from an LDAP server
To connect to an LDAP server or disconnect from an LDAP server:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- Click the LDAP server connection link to open the LDAP server connection window.
- Select one of the following LDAP server connection options:
- Not in use if you do not want to use an LDAP server with Kaspersky Secure Mail Gateway.
- Active Directory or generic LDAP if you want to connect to an LDAP server of Microsoft Active Directory or any other LDAP-compatible directory service (such as Red Hat Directory Server).
- If you want to limit the server response timeout, select the check box next to the name of the Limit server response timeout setting.
- If you have selected the check box next to the name of the Set a time limit for server time-out setting, in the Server time-out in seconds field specify the maximum time in seconds during which a response from the LDAP server must be received.
The default value is 20 seconds.
- Click the Apply button.
The LDAP server connection window closes.
Adding a connection to an LDAP server
You can add a connection to one or several LDAP servers.
To add a connection to an LDAP server:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- If the workspace shows the value of the LDAP server connection as Not in use, do the following:
- Click the LDAP server connection link to open the LDAP server connection window.
- In the LDAP server list, select Active Directory or generic LDAP.
- If you want to limit the server response timeout, select the check box next to the name of the Limit server response timeout setting.
- If you have selected the check box next to the name of the Set a time limit for server time-out setting, in the Server time-out in seconds field specify the maximum time in seconds during which a response from the LDAP server must be received.
The default value is 20 seconds.
- Click the Apply button.
The LDAP server connection window closes.
- Click the Add button in the workspace.
The LDAP server connection wizard window opens.
- On the Connection settings tab, in the LDAP server settings section, select one of the following external directory services in the LDAP server drop-down list:
- generic LDAP if you want to add a connection to a server of an LDAP-compatible directory service (such as Red Hat Directory Server).
- Active Directory if you want to add a connection to a Microsoft Active Directory server.
- In the LDAP server settings section, in the Server address field type the IP address in IPv4 format or the FQDN name of the LDAP server to which you want to connect.
- In the LDAP server settings section, in the Connection port number list specify the port for connecting to the LDAP server.
The LDAP server usually receives inbound connections at port 389 via the TCP or UDP protocol. Port 636 is normally used to connect to an LDAP server via the SSL protocol.
- In the LDAP server settings section, in the Connection type list select one of the data encryption options when connecting to the LDAP server:
- SSL, if you want to use SSL.
- TLS, if you want to use TLS.
- No encryption, if you do not want to use data encryption technologies when connecting to the LDAP server.
- In the Authentication settings section, in the LDAP server user account name field type the name of the user of the LDAP server who has privileges to read directory records (BindDN). Enter the user name in one of the following formats:
cn=<user name>, ou=<department name>(if required), dc=<domain name>, dc=<parent domain name>, if you want to add a connection to a server of an LDAP-compatible directory service (such as Red Hat Directory Server).For example, you can enter the following user name:
cn=LdapServerUser, dc=example, dc=com,whereLdapServerUseris the name of the LDAP server user;exampleis the domain name of the directory to which the user's account belongs;comis the name of the parent domain in which the directory is located.cn=<user name>, ou=<unit name>(if required), dc=<domain name>, dc=<parent domain name>or<user name>@<domain name>.<parent domain name>if you want to add a connection to a Microsoft Active Directory server.For example, you can enter the following user name:
LdapServerUser@example.com,whereLdapServerUseris the name of the LDAP server user;example.comis the domain name of the directory to which the user's account belongs.
- In the Authentication settings section, in the LDAP server user account password field type the LDAP server access password of the user specified in the LDAP server user account name field.
- In the Search settings section, in the Search base field type the DN (Distinguished Name) of the directory object beginning with which Kaspersky Secure Mail Gateway will start searching directory records.
Enter the search base in the following format:
ou=<department name>(if required), dc=<domain name>,dc=<parent domain name>.For example, you can enter the following search base:
ou=people, dc=example, dc=com,wherepeopleis the directory level from which Kaspersky Secure Mail Gateway starts searching for records (the search is run at thepeoplelevel and lower levels. Objects located above this level are excluded from the search scope);exampleis the domain name of the directory in which Kaspersky Secure Mail Gateway searches for records;comis the name of the parent domain in which the directory is located. - Click the Check button.
Kaspersky Secure Mail Gateway checks the connection to the LDAP server using the connection and authentication settings you have specified.
- Click the Next button.
The Filters tab opens.
- In the Set up LDAP filters group of settings, in the User authentication field specify the user authentication filter (for example, to let the user access the user's messages in Backup).
- To set the standard values of the user authentication filter, click the Set default values link under the User authentication field.
- In the Set up LDAP filters group of settings, in the User and group search field configure the user and group search filter.
- To set the standard values of the user and group search filter, click the Set default values link under the User and group search field.
- In the Set up LDAP filters group of settings, in the Search for the DN of users and groups using email address field specify the filter for searching for the DN of users and groups to which they belong based on their email address.
- To set standard values for the filter for searching for the DN of users and groups to which they belong based on their email address, click the Set default values link under the Search for the DN of users and groups using email address.
- In the Set up LDAP filters group of settings, in the Search for groups by users' DN field configure the filter for searching for groups to which the user belongs based on the user's DN. This filter is used when the user group could not be determined using the filter specified in the Search for the DN of users and groups using email address field.
- To set the standard values of the filter for searching for groups to which the user belongs based on the user's DN, click the Set default values link under the Search for groups by users' DN field.
- Select the Use recursive search check box to enable a search for LDAP accounts in subgroups.
- Click the Finish button.
The LDAP server connection wizard window closes.
The connection to an external directory service that you have added appears in the workspace of the LDAP section of the main window of the application interface.
Deleting a connection to an LDAP server
You can delete a connection to one or several LDAP servers.
To delete a connection to an LDAP server:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the lower part of the workspace, select the check box next to the address of the LDAP server that you want to remove.
- Click the Delete button.
The Delete action confirmation window opens.
- Click Yes.
The Delete window closes.
The connection to the LDAP server is deleted.
Enabling and disabling a connection to an LDAP server
You can enable or disable the connection to one or several LDAP servers.
To enable or disable usage of the connection to an LDAP server:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the lower part of the workspace, do one of the following:
- Flip on the toggle switch next to the address of the LDAP server the connection to which you want to enable.
- Flip off the toggle switch next to the address of the LDAP server the connection to which you want to disable.
Configuring the connection to an LDAP server
To configure the LDAP server connection settings:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the lower part of the workspace, select the LDAP server the connection to which you want to configure.
- In the LDAP server connection settings section of the selected server, click any link to open the LDAP server connection settings window.
- In the LDAP server settings section, select one of the following external directory services in the LDAP server list:
- generic LDAP if you want to add a connection to a server of an LDAP-compatible directory service (such as Red Hat Directory Server).
- Active Directory if you want to add a connection to a Microsoft Active Directory server.
- In the LDAP server settings section, in the Server address field type the IP address in IPv4 format or the FQDN name of the LDAP server to which you want to connect.
- In the LDAP server settings section, in the Connection port number list specify the port for connecting to the LDAP server.
The LDAP server usually receives inbound connections at port 389 via the TCP or UDP protocol. Port 636 is normally used to connect to an LDAP server via the SSL protocol.
- In the LDAP server settings section, in the Connection type list select one of the data encryption options when connecting to the LDAP server:
- SSL, if you want to use SSL.
- TLS, if you want to use TLS.
- No encryption, if you do not want to use data encryption technologies when connecting to the LDAP server.
- In the Authentication settings section, in the LDAP server user account name field type the name of the user of the LDAP server who has privileges to read directory records (BindDN). Enter the user name in one of the following formats:
cn=<user name>, ou=<department name>(if required), dc=<domain name>, dc=<parent domain name>, if you want to add a connection to a server of an LDAP-compatible directory service (such as Red Hat Directory Server).For example, you can enter the following user name:
cn=LdapServerUser, dc=example, dc=com,whereLdapServerUseris the name of the LDAP server user;exampleis the domain name of the directory to which the user's account belongs;comis the name of the parent domain in which the directory is located.cn=<user name>, ou=<unit name>(if required), dc=<domain name>, dc=<parent domain name>or<user name>@<domain name>.<parent domain name>if you want to add a connection to a Microsoft Active Directory server.For example, you can enter the following user name:
LdapServerUser@example.com,whereLdapServerUseris the name of the LDAP server user;example.comis the domain name of the directory to which the user's account belongs.
- In the Authentication settings section, in the LDAP server user account password field type the LDAP server access password of the user specified in the LDAP server user account name field.
- In the Search settings section, in the Search base field type the DN (Distinguished Name) of the directory object beginning with which Kaspersky Secure Mail Gateway will start searching directory records.
Enter the search base in the following format:
ou=<department name>(if required), dc=<domain name>,dc=<parent domain name>.For example, you can enter the following search base:
ou=people, dc=example, dc=com,wherepeopleis the directory level from which Kaspersky Secure Mail Gateway starts searching for records (the search is run at thepeoplelevel and lower levels. Objects located above this level are excluded from the search scope);exampleis the domain name of the directory in which Kaspersky Secure Mail Gateway searches for records;comis the name of the parent domain in which the directory is located. - Click the Check button.
Kaspersky Secure Mail Gateway checks the connection to the LDAP server using the connection and authentication settings you have specified.
- Click the Apply button.
The LDAP server connection settings window closes.
Configuring the LDAP server connection filters
To configure the LDAP server connection filters:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the lower part of the workspace, select the LDAP server the filters of the connection to which you want to configure.
- In the LDAP filter settings section of the selected server, click any link to open the LDAP filter settings window.
- In the Set up LDAP filters group of settings, in the User authentication field specify the user authentication filter (for example, to let the user access the user's messages in Backup).
- To set the standard values of the user authentication filter, click the Set default values link under the User authentication field.
- In the Set up LDAP filters group of settings, in the User and group search field configure the user and group search filter.
- To set the standard values of the user and group search filter, click the Set default values link under the User and group search field.
- In the Set up LDAP filters group of settings, in the Search for the DN of users and groups using email address field specify the filter for searching for the DN of users and groups to which they belong based on their email address.
- To set standard values for the filter for searching for the DN of users and groups to which they belong based on their email address, click the Set default values link under the Search for the DN of users and groups using email address.
- In the Set up LDAP filters group of settings, in the Search for groups by users' DN field configure the filter for searching for groups to which the user belongs based on the user's DN. This filter is used when the user group could not be determined using the filter specified in the Search for the DN of users and groups using email address field.
- To set the standard values of the filter for searching for groups to which the user belongs based on the user's DN, click the Set default values link under the Search for groups by users' DN field.
- Select the Use recursive search check box to enable a search for LDAP accounts in subgroups.
- Click OK.
The LDAP filter settings window closes.
Kaspersky Secure Mail Gateway email notifications
This section contains information about Kaspersky Secure Mail Gateway email notifications and how to configure them.
About email notifications
An email notification (hereinafter also "notification") is an email message describing an application event or a message scan event, which Kaspersky Secure Mail Gateway sends to the specified email addresses.
You can configure delivery of notifications to the following email addresses:
- Mail server administrator's address
- Message sender's address
- Message recipient's address
- Additional email addresses
Kaspersky Secure Mail Gateway event notifications contain information about application settings, errors occurring during operation of the application, and information to the effect that a message has not been delivered to a recipient if delivery failed.
You can configure delivery of the Message delivery failed email notification to the sender of the message that has not been delivered.
You can configure delivery of email notifications to the mail server administrator about the following Kaspersky Secure Mail Gateway events:
- Anti-Spam databases are out of date.
- Anti-Virus databases are out of date.
- Error placing messages in Backup.
- Error purging Backup.
- Backup is almost full.
- License expires soon.
- License has expired.
- Key is blocked.
- LDAP server connection error.
Message scan event notifications contain information about the message that has been processed and objects removed from it. The application also includes the text of the original email message in notifications for recipients.
You can configure delivery of email notifications to the administrator, sender, or recipient of messages or to other recipients about the following message scan events:
- Malicious and probably infected objects detected.
- Encrypted objects detected.
- Scan errors detected.
- Content filtering issues detected.
- Phishing messages detected.
Editing notification templates
To edit an email notification template:
- In the main window of the application web interface, open the management console tree and select the Settings section and Notifications subsection.
- Select the section containing the type of notification whose template you want to edit.
For example, you can select the Anti-Spam databases are out of date section.
- In the section selected, click the Message subject or Message link to open the Notification settings window.
For example, if you want to edit the template of notifications about outdated Anti-Spam databases, click one of these two links: Message subject about out of date databases or Message about out of date databases.
The Notification settings window opens.
- In the Subject field, enter the subject of the notification whose template you want to edit.
- In the Message field, enter the text of the notification whose template you want to edit.
- Click the Save button.
The Notification settings window closes.
Configuring message scanning event notifications for a rule
You can configure delivery of email notifications about message scanning events for one or several rules.
To configure delivery of message scanning event notifications:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure delivery of notifications.
- Select the Notifications section.
- Select a message scanning event for which you want to configure delivery of notifications.
For example, you can select the Malicious and probably infected objects detected event.
- In the group of settings with the name of the selected event (for example: Malicious and probably infected objects detected), select the check box next to the Notify administrator setting name if you want to enable delivery of notifications about the selected event to the address of the Kaspersky Secure Mail Gateway administrator.
- In the group of settings with the name of the selected event (for example: Malicious and probably infected objects detected), select the check box next to the Notify sender setting name if you want to enable delivery of notifications about the selected event to addresses of message sender.
- In the group of settings with the name of the selected event (for example: Malicious and probably infected objects detected), select the check box next to the Notify recipient setting name if you want to enable delivery of notifications about the selected event to addresses of message recipients.
- If you have enabled delivery of notifications to addresses of message recipients, configure the settings of delivery of notifications to message recipients. To do so, perform the following:
- Click the link to the right of the name of the Notify recipient setting to open the User notification settings window.
- Select one of the following options:
- Notify only, if you want to configure delivery of notifications to recipients without the source message.
- Notify with source message in attachment, if you want to configure delivery of notifications to recipients with the source message in the attachment.
- Click OK.
The User notification settings window closes.
- In the group of settings with the name of the selected event (for example: Malicious and probably infected objects detected), select the check box next to the Additional addresses setting name if you want to enable delivery of notifications about the selected event to additional email addresses.
- If you have enabled delivery of notifications to additional email addresses, specify the additional email addresses of notification recipients. To do so, perform the following:
- Click the link to the right of the name of the Additional addresses setting to open the Addresses for notifications window.
- In the Addresses for notifications field, enter the email address of the notification recipient.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the button for adding entries to the right of the entry field.
The list of additional email addresses of notification recipients is compiled in the field under the button for adding entries.
- Click OK.
The Addresses for notifications window.
- Click the Apply button in the lower part of the workspace.
Enabling and disabling delivery of application event notifications
To enable or disable delivery of Kaspersky Secure Mail Gateway event notifications:
- In the main window of the application web interface, open the management console tree and select the Settings section and Notifications subsection.
- Select the section containing the type of notification whose delivery you want to enable or disable.
For example, you can select the Anti-Spam databases are out of date section.
- In the section you selected, do one of the following:
- Flip on the toggle switch next to the name of the selected section (for example: Anti-Spam databases are out of date), if you want to enable delivery of notifications about this event.
- Flip off the toggle switch next to the name of the selected section (for example: Anti-Spam databases are out of date), if you want to disable delivery of notifications about this event.
Configuring email addresses of the administrator
To configure email addresses of the administrator for sending notifications, reports, and other messages of Kaspersky Secure Mail Gateway:
- In the main window of the application web interface, open the management console tree and select the Settings section and General settings subsection.
- In the Email addresses section, click the Administrator's email addresses link to open the Administrator's email addresses window.
- Enter the administrator's email address in the Email addresses to which Kaspersky Secure Mail Gateway sends notifications, reports, and messages from an application email address field.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The list of administrator's email addresses is compiled in the field under the button for adding entries.
- Click OK.
- The Administrator's email addresses window closes.
Email addresses are displayed on the right of the Administrator's email addresses link in the workspace of the main window of the application web interface.
Kaspersky Secure Mail Gateway disclaimers and warnings
This section contains information about Kaspersky Secure Mail Gateway disclaimers and warnings and instructions on how to configure them.
About email disclaimers and insecure message warnings
An email disclaimer (hereinafter also “disclaimer”) is text that Kaspersky Secure Mail Gateway can add at the beginning or end of an email message.
You can configure disclaimer templates, specify the display format for disclaimers in messages, enable or disable disclaimers for one or several message processing rules.
An insecure message warning (hereinafter also “warning”) is text that Kaspersky Secure Mail Gateway can add at the beginning or end of email messages that have been assigned one of the following scan status labels by Kaspersky Secure Mail Gateway modules:
- Encrypted.
- Phishing.
- Infected.
- Corrupted.
You can configure warning templates, specify the display format for warnings in messages, enable or disable warnings for one or several message processing rules.
Creating a disclaimer or warning template
To create a disclaimer or warning template:
- In the main window of the application web interface, open the management console tree and select the Settings section and Disclaimers subsection.
- Click the Create button in the upper part of the workspace.
A new disclaimer or warning template opens.
- In the Template name field, type the name of the template.
Based on this name, you can select a template for configuring the settings of message processing rules.
- In the Position drop-down list, select the position of the disclaimer or warning. You can configure the disclaimer or warning to be displayed before or after the message.
- Select one of the following tabs above the Message text field:
- Plain, if you want the message to be displayed in plain text format.
- HTML, if you want the message to be displayed in HTML format.
By default, Kaspersky Secure Mail Gateway applies the text format depending on the format of email messages.
In an email message in HTML format, Kaspersky Secure Mail Gateway adds a disclaimer or warning in HTML format.
In an email message in Plain format, Kaspersky Secure Mail Gateway adds a disclaimer or warning in Plain format.
- Enter the text of the disclaimer or warning in the Message text field.
- If you entered the text of the disclaimer or warning in HTML format, under the Message text field click the Preview link to see a preview of your message.
- Select the Text only check box if you want the message to contain text only.
When a disclaimer or warning in Text only format is added to an email message in HTML format, the message may be displayed incorrectly.
- Click the Create button in the lower part of the workspace.
The disclaimer or warning template you have created appears in the list of disclaimer and warning templates in the workspace of the main window of the application web interface.
Editing a disclaimer or warning template
To edit a disclaimer or warning template:
- In the main window of the application web interface, open the management console tree and select the Settings section and Disclaimers subsection.
- In the list of disclaimer and warning templates in the workspace, select the disclaimer or warning template that you want to edit.
- Edit the template name in the Template name field.
Based on this name, you can select a template for configuring the settings of message processing rules.
- In the Position drop-down list, change the position of the disclaimer or warning. You can configure the disclaimer or warning to be displayed before or after the message.
- Select one of the following tabs above the Message text field:
- Plain, if you want the message to be displayed in plain text format.
- HTML, if you want the message to be displayed in HTML format.
- Edit the text of the disclaimer or warning in the Message text field.
- If you entered the text of the disclaimer or warning in HTML format, under the Message text field click the Preview link to see a preview of your message.
- Select the Text only check box if you want the message to contain text only.
- Click the Apply button in the lower part of the workspace.
Deleting a disclaimer or warning template
To delete a disclaimer or warning template:
- In the main window of the application web interface, open the management console tree and select the Settings section and Disclaimers subsection.
- Select the check box in the lines with the names of one or several disclaimer or warning templates that you want to delete.
- Click the Delete button in the upper part of the workspace.
The selected disclaimer or warning templates are deleted.
Enabling and disabling message disclaimers for a rule
You can enable or disable message disclaimers for one or several rules. By default, message disclaimers are disabled.
To enable or disable message disclaimers for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable message disclaimers.
- Select the Email disclaimer section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Email disclaimer settings group to enable message disclaimers for a rule.
- Flip off the toggle switch next to the name of the Email disclaimer settings group to disable message disclaimers for a rule.
- Click the Apply button in the lower part of the workspace.
Adding a message scanning event disclaimer for a rule
To add a message scanning event disclaimer for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to add a message scanning event disclaimer.
- Select the Email disclaimer section.
- Flip on the toggle switch next to the name of the Email disclaimer settings group if it is off.
- In the Add the following disclaimer group of settings, click the link to the right of the name of the Disclaimer template name setting.
- The Disclaimer template window opens.
- In the Disclaimer template list, select the template of a disclaimer that you want to add to a message scanning event for a rule.
- Click OK.
The Disclaimer template window closes.
The disclaimer you have added appears in the Email disclaimer section in the workspace of the main window of the application web interface.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the option that lets you add disclaimers to messages is enabled for the rule and the rule for which you have configured the settings is enabled.
Adding an insecure message warning for a rule
To add an insecure message warning for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to add an insecure message warning.
- Select the Insecure message warning section.
- Select check boxes next to one or several types of messages to which you want to add a warning:
- enable for encrypted messages, if you want to add a warning to messages that have been assigned Encrypted status after scanning by Kaspersky Secure Mail Gateway modules.
- enable for phishing messages, if you want to add a warning to messages that have been assigned Phishing status after scanning by Kaspersky Secure Mail Gateway modules.
- enable for infected messages, if you want to add a warning to messages that have been assigned Infected status after scanning by Kaspersky Secure Mail Gateway modules.
- enable for corrupted messages, if you want to add a warning to messages that have been assigned Corrupted status after scanning by Kaspersky Secure Mail Gateway modules.
- In the Add the following warning group of settings, click the link to the right of the name of the Warning template setting.
- The Warning template window opens.
- In the Warning template list, select the template of an insecure message warning that you want to add for a rule.
- Click OK.
The Warning template window closes.
The warning you have added appears in the Insecure message warning section in the workspace of the main window of the application web interface.
- Click the Apply button in the lower part of the workspace.
In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that the rule for which you have configured settings is enabled.
About Backup
Backup is designed to store copies of messages which Kaspersky Secure Mail Gateway saves during processing. Copies of messages are stored in Backup in unreadable format and therefore do not compromise your computer's security.
Kaspersky Secure Mail Gateway places copies of the following messages in Backup:
- Messages to which the Anti-Virus engine assigned one of the following status labels: Infected, Probably infected, Corrupted, or Encrypted and before one of the following actions is taken on it: Disinfect, Delete attachment, or Delete message;
- Messages to which the Anti-Spam engine assigned one of the following status labels: Spam, Probable spam, Blacklisted, or Massmail and before the Delete message action was taken on it;
- Messages to which the Anti-Phishing engine assigned one of the following status labels: Phishing or Malicious link and before the Delete message action was taken on it;
- Messages to which one of the following status labels was assigned after content filtering: Banned File Name or Banned File Format and before the Delete attachment or Delete message action was performed on it, and also messages assigned Size Exceeded status and before the Delete message action was taken on them;
- Messages whose senders' addresses have been detected in a custom black list of addresses and before the Delete message action was taken on them.
Copies of messages are placed in Backup together with attachments.
The default maximum Backup space is 7.32 GB. As soon as this threshold value is exceeded, the application starts to remove the oldest copies of messages from Backup. When the amount of occupied space is again below the threshold value, the application stops removing copies of messages from Backup.
Finding message copies in Backup
To find message copies in Backup:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the workspace, click any link under the Deliver, View, Delete, and Save buttons to open the Search filter window.
- In the From field, enter the text for searching email addresses of message senders.
You can enter an email address (for example: example-email@example.com), domain name (for example: example.com) or several symbols from the email address (for example: exa).
- In the To field, enter the text for searching email addresses of message recipients.
- In the Subject field, enter the text for searching for message headers.
- In the Message-ID field, enter the text for searching for the message ID on the mail server.
- In the Rule ID list, select the ID of the rule according to which messages were processed.
- In the Period list, select the period that has elapsed since the time when messages were processed and had their copies moved to Backup.
You can choose one of the following periods:
- Hour.
- Day.
- Week.
- 2 weeks.
- Month.
- 3 months.
- Year.
- Custom.
- If you choose the Custom period, do the following:
- In the starting from field, specify the search period start date and time.
- In the ending with field, specify the search period end date and time.
- In the Scan type group of settings, select check boxes next to the names of Kaspersky Secure Mail Gateway engines based on whose verdicts messages were moved to Backup.
You can select one or several scan engines:
- Anti-Spam.
- Anti-Virus.
- Content filtering.
- Anti-Phishing.
- Custom black list of addresses.
- In the Message size (KB) group of settings, set a limit on message size in kilobytes.
You can set one of the following limits:
- Less than or equal to a certain message size in kilobytes
- Greater than or equal to a certain message size in kilobytes
- Click OK.
Copies of messages that match the search parameters are displayed in the list of message copies in the Backup section.
Viewing message copies in Backup
To view a message copy in Backup:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace do one of the following:
- In the line with the details of the message that you want to view, click any of the following links: From, To, or Subject.
- In the line with the details of the message that you want to view, select the check box and click the View button.
A message copy containing the following message information opens:
- Subject.
- Processing rule.
- From.
- To.
- Cc.
- Bcc.
- Scan Results with the list of the scan engines: Anti-Spam, Anti-Virus, Content filtering, and Anti-Phishing.
- Backup Reason.
- Blacklisted by user.
- Whitelisted by user.
- Time placed in Backup.
- MTA-Message-ID.
- Message size.
- Time sent.
- Time received.
- Attachments.
- Anti-Virus databases release date.
- To return to the list of message copies in Backup, click the To messages list button in the upper part of the workspace.
Delivering messages from Backup to recipients
If you consider a message in Backup to be safe, you can deliver the message from Backup to the recipients.
You can deliver a message from Backup after previewing it or by selecting messages that you want to deliver in the list of message copies in Backup (one or several messages).
Delivering infected and probably infected messages can pose a security threat to computers of users.
Before delivering an infected message to a recipient, make sure that delivery of infected messages is allowed in Backup settings.
To deliver a message from Backup after previewing it:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace do one of the following:
- In the line with the details of the message that you want to view, click any of the following links: From, To, or Subject.
- In the line with the details of the message that you want to view, select the check box and click the View button.
The message copy opens.
- Click the Deliver button in the upper part of the workspace.
The Deliver message window opens.
- Select the check box next to the name of the To recipients' email addresses specified in the message header setting if you want to deliver the message to email addresses of recipients to whom this message was intended.
- Select the check box next to the name of the To additional email addresses setting if you want to deliver the message to additional email addresses.
- If you have chosen to deliver messages to additional email addresses, in the field under the name of the To additional email addresses setting, enter the email addresses to which you want to deliver the message.
- Click OK.
The Deliver message window closes.
The message is placed in the delivery queue.
- To return to the list of message copies in Backup, click the To messages list button in the upper part of the workspace.
The Message has been placed in queue for delivery message appears in the list of message copies in Backup.
- To hide the Message has been placed in queue for delivery message, click the Hide link in the right part of the line with the message.
To deliver one or several messages from Backup without previewing them:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace select check boxes in the lines with the details of messages that you want to deliver.
- Click the Deliver button in the upper part of the workspace.
The Deliver message window opens.
- Select the check box next to the name of the To recipients' email addresses specified in the message header setting if you want to deliver the messages to email addresses of recipients to whom these messages were intended.
- Select the check box next to the name of the To additional email addresses setting if you want to deliver the messages to additional email addresses.
- If you have chosen to deliver messages to additional email addresses, in the field under the name of the To additional email addresses setting, enter the email addresses to which you want to deliver the messages.
- Click OK.
The Deliver message window closes.
The messages are placed in the delivery queue.
The Messages have been placed in queue for delivery message appears in the list of message copies in Backup.
- To hide the Messages have been placed in queue for delivery message, click the Hide link in the right part of the line with the message.
Saving messages from Backup to file
If you consider a message in Backup to be safe, you can save it to file on the hard drive.
You can save a message from Backup after previewing it or by selecting the message that you want to save in the list of message copies in Backup.
Saving infected and probably infected messages on the hard drive poses a security threat to your computer.
To save a message from Backup after previewing it:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace do one of the following:
- In the line with the details of the message that you want to view, click any of the following links: From, To, or Subject.
- In the line with the details of the message that you want to view, select the check box and click the View button.
The message copy opens.
- Click the Save button in the upper part of the workspace.
The message is saved on the hard drive of your computer in the folder specified as the destination folder for downloading files from the Internet in the settings of the web browser that you use to manage Kaspersky Secure Mail Gateway.
For example, if you are using the Microsoft Windows operating system and the Downloads folder is specified as the destination folder for downloading files from the Internet, the message is saved in the Downloads folder on the hard drive of your computer.
- To return to the list of message copies in Backup, click the To messages list button in the upper part of the workspace.
To save a message from Backup without previewing it:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace select check boxes in the line with the details of the message that you want to save.
- Click the Save button in the upper part of the workspace.
The message is saved on the hard drive of your computer in the folder specified as the destination folder for downloading files from the Internet in the settings of the web browser that you use to manage Kaspersky Secure Mail Gateway.
For example, if you are using the Microsoft Windows operating system and the Downloads folder is specified as the destination folder for downloading files from the Internet, the message is saved in the Downloads folder on the hard drive of your computer.
Deleting a message copy from Backup
You can delete a message copy from Backup after previewing it or by selecting messages that you want to delete in the list of message copies in Backup (one or several messages).
To delete a message copy from Backup after previewing it:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace do one of the following:
- In the line with the details of the message that you want to view, click any of the following links: From, To, or Subject.
- In the line with the details of the message that you want to view, select the check box and click the View button.
The message copy opens.
- Click the Delete button in the upper part of the workspace.
- The Delete message(s) window opens.
- Click the Delete button in the Delete message(s) window.
A copy of the message is deleted from Backup.
- To return to the list of message copies in Backup, click the To messages list button in the upper part of the workspace.
The Marked message has been deleted message appears in the list of message copies in Backup.
- To hide the Marked message has been deleted message, click the Hide link in the right part of the line with the message.
To delete one or several messages from Backup without previewing them:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- In the list of message copies in Backup, in the lower part of the workspace select check boxes in the lines with the details of messages that you want to delete.
- Click the Delete button in the upper part of the workspace.
- The Delete message(s) window opens.
- Click the Delete button in the Delete message(s) window.
The message copies are deleted from Backup.
The Marked messages have been deleted message appears in the list of message copies in Backup.
- To hide the Marked messages have been deleted message, click the Hide link in the right part of the line with the message.
Configuring Backup settings
To configure Backup settings:
- In the main window of the application web interface, open the management console tree and select the Backup section.
- Click any link to open the Backup settings window.
- In the Backup maximum size field, specify the maximum hard drive space that can be taken up by Backup.
A value of 100 MB or greater is recommended.
- In the Free space threshold to notify about field, specify the amount of Backup free space that, when left, causes the application to send a notification to the administrator of Kaspersky Secure Mail Gateway.
- In the Allow delivery of infected messages list, select one of the following options:
- In the Actions to take on messages if Backup is unavailable list, select one of the following options:
- Process messages, if you want the application to continue processing messages regardless of whether or not Backup is available.
- Temporary fail, if you want the application to send a notification that Backup is temporarily unavailable.
- Reject messages, if you want the application to reject messages when Backup is unavailable.
- Click OK.
The Backup settings window closes.
Message authentication
This section describes the message authentication technologies used by Kaspersky Secure Mail Gateway and provides instructions on how to configure message authentication.
About message authentication
Message authentication is designed to provide additional protection for your corporate mail infrastructure against spam and phishing.
Kaspersky Secure Mail Gateway uses the following message authentication technologies:
- SPF (Sender Policy Framework) authentication.
- DKIM (DomainKeys Identified Mail) authentication.
- DMARC (Domain-based Message Authentication, Reporting and Conformance) authentication.
SPF message authentication – comparing IP addresses of message senders with the list of possible message sources, which has been created by the mail server administrator.
Kaspersky Secure Mail Gateway receives lists of possible message sources from the DNS server.
Enable SPF message authentication if Kaspersky Secure Mail Gateway receives messages directly from the Internet. Disable SPF message authentication if Kaspersky Secure Mail Gateway receives messages from an intermediate internal server.
DKIM message authentication – verification of the digital signature added to messages.
A digital signature associated with the name of the organization's domain is added to messages. Kaspersky Secure Mail Gateway verifies this digital signature.
DMARC message authentication – authentication performed to verify that the message was actually sent from the specified domain.
After the message has passed SPF and DKIM authentication, the application verifies that the domain containing the sender's address in the From field of the email message header matches the SPF and DKIM IDs and the SPF and DKIM statuses.
To enable SPF, DKIM, and DMARC message authentication, you have to allow Kaspersky Secure Mail Gateway to connect to the DNS server. If the connection to the DNS server is prohibited, SPF, DKIM, and DMARC message authentication is disabled.
If Kaspersky Secure Mail Gateway detects violations during SPF, DKIM, or DMARC message authentication, it is considered that SPF, DKIM, or DMARC message authentication has revealed violations of message senders' authenticity.
Connecting to a DNS to perform message authentication
To enable message authentication, you have to allow Kaspersky Secure Mail Gateway to connect to the DNS server. If the connection to the DNS server is prohibited, SPF, DKIM, and DMARC message authentication is disabled.
You can also specify the maximum DNS server response wait time. When this time elapses, the DNS server is considered unavailable, and the message is processed by Kaspersky Secure Mail Gateway without message authentication. The default value is 10 seconds.
To allow Kaspersky Secure Mail Gateway to connect to the DNS server:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Allow connection to DNS server link to open the External services window.
- In the list to the right of the name of the Allow connection to DNS server setting, select Yes.
- Click the Apply button.
To specify the maximum DNS server response wait time:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Allow connection to DNS server link to open the External services window.
- In the field to the right of the Allow connection to DNS server setting, specify the maximum DNS server response wait time.
The default value is 10 seconds.
- Click the Apply button.
Enabling and disabling SPF message authentication
To enable or disable SPF message authentication:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Enable SPF authentication of mail senders link to open the External services window.
- In the list to the right of the Enable SPF authentication of mail senders setting, select one of the following options:
- Yes, if you want to enable SPF authentication.
- No, if you want to disable SPF authentication.
- Click the Apply button.
To enable SPF message authentication, you have to allow Kaspersky Secure Mail Gateway to connect to the DNS server. If the connection to the DNS server is prohibited, SPF message authentication is disabled.
Enabling and disabling DKIM message authentication
To enable or disable DKIM message authentication:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Enable DKIM authentication of mail senders link to open the External services window.
- In the list to the right of the Enable DKIM authentication of mail senders setting, select one of the following options:
- Yes, if you want to enable DKIM authentication.
- No, if you want to disable DKIM authentication.
- Click the Apply button.
To enable DKIM message authentication, you have to allow Kaspersky Secure Mail Gateway to connect to the DNS server. If the connection to the DNS server is prohibited, DKIM message authentication is disabled.
Enabling and disabling DMARC message authentication
To enable or disable DMARC message authentication:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the External services section, click the Enable DMARC authentication of mail senders link to open the External services window.
- In the list to the right of the Enable DMARC authentication of mail senders setting, select one of the following options:
- Yes, if you want to enable DMARC authentication.
- No, if you want to disable DMARC authentication.
- Click the Apply button.
To enable DMARC message authentication, you have to allow Kaspersky Secure Mail Gateway to connect to the DNS server. If the connection to the DNS server is prohibited, DMARC message authentication is disabled.
Enabling and disabling message authentication for a rule
You can enable or disable message authentication for one or several rules.
Before enabling or disabling message authentication for a rule, make sure that at least one type of message authentication is enabled in the settings of Kaspersky Secure Mail Gateway (Enabling and disabling SPF message authentication, Enabling and disabling DKIM message authentication, Enabling and disabling DMARC message authentication).
To enable or disable message authentication for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to enable or disable message authentication.
- Select the Authentication of Mail Sender section.
- Do one of the following:
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group to enable message authentication.
- Flip off the toggle switch next to the name of the Authentication of Mail Sender settings group to disable message authentication.
- Click the Apply button in the lower part of the workspace.
Configuring additional SPF message authentication settings for a rule
You can configure additional settings of SPF message authentication for one or several rules.
Before configuring additional settings of SPF message authentication for a rule, make sure that SPF message authentication is enabled in the settings of Kaspersky Secure Mail Gateway.
To configure additional settings of SPF message authentication for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure additional settings of SPF message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the SPF authentication of mail senders section, do one of the following:
- Select the check box next to the name of the Consider SPF softfail as a violation if you want Kaspersky Secure Mail Gateway to consider an SPF softfail error detected during SPF authentication as a message authentication violation.
- Clear the check box next to the name of the Consider SPF softfail as a violation if you do not want Kaspersky Secure Mail Gateway to consider an SPF softfail error detected during SPF authentication as a message authentication violation.
- Click the Apply button in the lower part of the workspace.
Configuring additional DKIM message authentication settings for a rule
You can configure additional settings of DKIM message authentication for one or several rules.
Before configuring additional settings of DKIM message authentication for a rule, make sure that DKIM message authentication is enabled in the settings of Kaspersky Secure Mail Gateway.
To configure additional settings of DKIM message authentication for a rule:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure additional settings of DKIM message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the DKIM authentication of mail senders section, do one of the following:
- Select the check box next to the name of the Consider absence of DKIM signature as an authentication violation setting if you want Kaspersky Secure Mail Gateway to consider the absence of a DKIM signature of a message detected during DKIM authentication as a violation of the message sender's authenticity.
- Clear the check box next to the name of the Consider absence of DKIM signature as an authentication violation setting if you do not want Kaspersky Secure Mail Gateway to consider the absence of a DKIM signature of a message detected during DKIM authentication as a violation of the message sender's authenticity.
- Click the Apply button in the lower part of the workspace.
Configuring tags added to message subjects after SPF message authentication
To configure tags that Kaspersky Secure Mail Gateway adds to the message subject after SPF message authentication:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure labels added to message subjects after SPF message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the SPF authentication of mail senders settings group, click the link to the right of the name of the Add the following text to subject of email message setting to open the Tag for SPF authentication violation window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the message subject when an SPF message authentication violation is detected.
- Click OK.
The Tag for SPF authentication violation window closes.
- Click the Apply button in the lower part of the workspace.
Configuring tags added to message subjects after DKIM message authentication
To configure labels that Kaspersky Secure Mail Gateway adds to the message subject after DKIM message authentication:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure labels added to message subjects after DKIM message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the DKIM authentication of mail senders settings group, click the link to the right of the name of the Add the following text to subject of email message setting to open the Tag for DKIM authentication violation window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the message subject when a DKIM message authentication violation is detected.
- Click OK.
The Tag for DKIM authentication violation window closes.
- Click the Apply button in the lower part of the workspace.
Configuring tags added to message subjects after DMARC message authentication
To configure labels that Kaspersky Secure Mail Gateway adds to the message subject after DMARC message authentication:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to configure labels added to message subjects after DMARC message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the If DMARC violation detected settings group, click the link to the right of the name of the Add the following text to subject of email message setting to open the Tag for DMARC authentication violation window.
- In the field under the name of the window, enter the text that you want to add at the beginning of the message subject when a DMARC message authentication violation is detected.
- Click OK.
The Tag for DMARC authentication violation window closes.
- Click the Apply button in the lower part of the workspace.
Configuring actions on messages during DMARC message authentication
You can configure the actions to take on messages DMARC message authentication for one or several rules.
Before configuring actions on messages during DMARC message authentication, make sure that DMARC message authentication is enabled in the settings of Kaspersky Secure Mail Gateway.
To configure actions on messages during DMARC message authentication:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during DMARC message authentication.
- Select the Authentication of Mail Sender section.
- Flip on the toggle switch next to the name of the Authentication of Mail Sender settings group if it is off.
- In the If DMARC violation detected drop-down list, select one of the following actions to take on messages found to cause an authentication violation during DMARC message authentication:
- Apply DMARC policy.
The DMARC policy is configured by the mail server administrator on the DNS server.
- Reject.
- Delete message.
- Skip.
- Apply DMARC policy.
- Click the Apply button in the lower part of the workspace.
Configuring detection of TempError during message authentication
If you want the TempError temporary error to be considered a message authentication violation, you can specify this setting for one or several rules.
Before specifying whether the TempError temporary error should be considered a message authentication violation, make sure that at least one type of message authentication is enabled in the settings of Kaspersky Secure Mail Gateway (Enabling and disabling SPF message authentication, Enabling and disabling DKIM message authentication, Enabling and disabling DMARC message authentication).
To specify whether the TempError temporary error should be considered a message authentication violation:
- In the main window of the application web interface, open the management console tree and select the Rules section.
- In the list of rules, click the name of the rule to open the rule for which you want to specify whether the TempError temporary error should be considered a message authentication violation.
- In the Authentication of Mail Sender section, do one of the following:
- Select the check box next to the name of the Consider temporary errors (TempError) as an authentication violation setting, if you want Kaspersky Secure Mail Gateway to consider temporary errors (TempError) as a message authentication violation.
- Clear the check box next to the name of the Consider temporary errors (TempError) as an authentication violation setting, if you do not want Kaspersky Secure Mail Gateway to consider temporary errors (TempError) as a message authentication violation.
- Click the Apply button in the lower part of the workspace.
Preparing to configure SPF and DMARC message authentication for outgoing messages
In order for the remote mail server to be able to perform message authentication when the message sender is Kaspersky Secure Mail Gateway (authentication of the sender of outgoing messages), you have to add the SPF and DMARC records to the settings of your DNS server.
To add SPF and DMARC records to the settings of your DNS server:
- Sign in to your DNS server under the administrator account.
- Locate the page with information on updating DNS records of the domain for whose addresses you want to configure authentication of senders of outgoing messages.
For example, this page can be named "DNS Management", "Name Server Management", or "Advanced Settings".
- Find records in TXT format for the domain for whose addresses you want to configure authentication of senders of outgoing messages.
- In the list of records in TXT format, add the SPF record for a certain domain with the following contents:
<name of the domain for whose addresses you want to configure SPF authentication of the sender of outgoing messages> IN TXT "v=<SPF version> +all>"For example, you can add the following string:
example.com IN TXT "v=spf1 +all"See Document RFC 4408 for details on configuring settings of the SPF record.
- In the list of records in TXT format, add the DMARC record for a certain domain with the following contents:
_dmarc.<name of the domain for whose addresses you want to configure DMARC authentication of the sender of outgoing messages>. IN TXT "v=<DMARC version>; p=<action that the remote mail server will perform on all email messages that do not satisfy the DMARC requirements>;"For example, you can add the following string:
_dmarc.example.com. IN TXT "v=DMARC1; p=quarantine;"See DMARC documentation for details on configuring settings of the DMARC record.
- Save changes.
The syntax of the sample SPF and DMARC records is provided for purposes of adding it to the settings of a BIND DNS server. The syntax of the SPF and DMARC records to be added to other DNS servers may differ slightly from the examples provided.
SMTP verification of recipient email addresses
This section contains information about SMTP authentication of message recipients and how to configure it.
About SMTP verification of recipient email addresses
SMTP verification of recipient email addresses – verification performed to check if email addresses of message recipients actually exist.
When Kaspersky Secure Mail Gateway receives messages for secure domains and redirects them to a back-end mail server, Kaspersky Secure Mail Gateway has to be prevented from receiving messages for nonexistent email addresses. This is required for two reasons:
- Receiving messages to be sent to nonexistent email addresses loads the processor because mail is processed unnecessarily.
- Attempts to deliver messages to nonexistent email addresses can cause Kaspersky Secure Mail Gateway or the back-end server to create delivery failure notifications; because of such notifications, Kaspersky Secure Mail Gateway or your back-end mail server will be blacklisted.
Authentication of message recipients is not performed when Kaspersky Secure Mail Gateway receives messages from trusted network nodes.
Enabling and disabling SMTP verification of recipient email addresses
To enable or disable SMTP verification of recipient email addresses:
- In the main window of the application web interface, open the management console tree and select the Settings section and MTA subsection.
- Maximize the Advanced Settings section.
- Click the Reject messages for unknown recipient domains link or the Reject messages for unverified recipients link to open the Advanced MTA settings window.
In the Reject messages for unknown recipient domains list, select one of the following values:
- Yes if you want Kaspersky Secure Mail Gateway to reject the message delivery request if the
RCPT TOdomain name does not contain MX records of the DNS server and the DNS address or MX record is distorted (for example, a zero-length address of the MX host is specified). - No if you do not want Kaspersky Secure Mail Gateway to reject the message delivery request if the
RCPT TOdomain name does not contain MX records of the DNS server and the DNS address or MX record is distorted (for example, a zero-length address of the MX host is specified).
The default value is Yes.
- Yes if you want Kaspersky Secure Mail Gateway to reject the message delivery request if the
- To the right of the name of the Reject messages for unverified recipients setting, select one of the following options:
- No if you do not want to reject messages to unverified addresses.
- Reject for recipients not in valid list if you want to reject the message delivery request if the
RCPT TOaddress is not in the list of valid domains for its domain class.
- Click OK.
The Advanced MTA settings window closes.
SMTP verification of recipient email addresses is not performed when Kaspersky Secure Mail Gateway receives messages from trusted network hosts.
Intense mail traffic can increase the load on the mail server due to transmission of failed message delivery notifications.
DKIM signature for outgoing messages
This section provides instructions on adding a DKIM signature to outgoing messages.
About the DKIM signature for outgoing messages
A DKIM signature for outgoing messages is a digital signature added to messages sent from email addresses of a certain domain for purposes of identifying users by the name of the corporate domain.
DomainKeys Identified Mail (DKIM) technology combines several existing anti-phishing and anti-spam methods to improve the quality of classification and identification of legitimate email. Instead of a traditional IP address, DKIM technology adds a digital signature associated with the name of the corporate domain to the message for the purpose of identifying its sender.
Enabling and disabling the DKIM signature for outgoing messages
To enable or disable the DKIM signature for outgoing messages:
- In the main window of the application web interface, open the management console tree and select the Domains section.
- In the upper part of the workspace, click the DKIM signature link to open the DKIM settings window.
- Select one of the following options in the DKIM signature drop-down list:
- Enabled if you want to add the DKIM signature to outgoing messages.
- Disabled if you do not want to add the DKIM signature to outgoing messages.
- Click OK.
The DKIM settings window closes.
Creating the DKIM key
To create a DKIM key:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and DKIM subsection.
- Click the Create button in the upper part of the workspace.
The Create DKIM key window opens.
- In the Key name field, type the name of the DKIM key that will help you to find the key when adding the DKIM signature for messages.
- Click OK.
The DKIM key you have created appears in the list of DKIM keys in the workspace of the main window of the application web interface.
Importing the DKIM key from file
To import a DKIM key from file:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and DKIM subsection.
- Click the Import from file button in the upper part of the workspace.
The Import DKIM key window opens.
- In the Key name field, type the name that you want to assign to the DKIM key being imported.
- Click the Browse button to the right of the Choose DKIM key file field.
The file selection window opens in the web browser that you use.
- Choose the file of the DKIM key that you want to import and click the Open button in your web browser.
The file must contain an RSA key in PEM format and be 2048 or 4096 bits long.
The file selection window closes.
- Click OK.
The Import DKIM key window closes.
The DKIM key appears in the list of DKIM keys in the workspace of the main window of the application web interface.
Deleting the DKIM key
To delete a DKIM key:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and DKIM subsection.
- In the list of DKIM keys, select the check box next to the name of one or several keys that you want to delete.
- Click the Delete button in the upper part of the workspace.
The Delete action confirmation window opens.
- Click Yes.
The Delete window closes.
The DKIM key is deleted.
Preparing to add the DKIM signature to outgoing messages
You can configure the DKIM signature for messages in the web interface of Kaspersky Secure Mail Gateway.
The process of configuring the DKIM signature for messages consists of the following steps:
- Enabling the DKIM signature for outgoing messages.
- Creating or importing a DKIM key.
- Adding the DKIM signature to messages sent from email addresses in a specific domain.
In order for the remote mail server to be able to verify the DKIM signature added to outgoing messages, you need to obtain the DNS record of the public DKIM key via the web interface of Kaspersky Secure Mail Gateway and add it to the settings of your DNS server.
To obtain the DNS record of the public DKIM key, do the following in the web interface of Kaspersky Secure Mail Gateway:
- In the main window of the application web interface, open the management console tree and select the Domains section.
- If the workspace shows the value of the DKIM signature setting as Disabled, do the following:
- Click the DKIM signature link to open the DKIM settings window.
- In the DKIM signature drop-down list, select Enabled.
- Click OK.
The DKIM settings window closes.
- In the list of domains, select the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
- In the DKIM signature for messages from domain addresses section, click Add.
The Creating DKIM signature for the domain window opens.
- In the Selector field, type the name that will help you find the DKIM signature.
- In the Key name list, select the DKIM key based on which the DKIM signature will be added to messages.
- Click OK.
The Creating DKIM signature for the domain window closes.
In the DKIM signature for messages from domain addresses section, the DNS record field shows the DNS record of the public DKIM key for a specific domain.
To add a public DKIM key to the settings of your DNS server:
- Sign in to your DNS server under the administrator account.
- Locate the page with information on updating DNS records of the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
For example, this page can be named "DNS Management", "Name Server Management", or "Advanced Settings".
- Find records in TXT format for the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
- In the list of records in TXT format, add the DNS record of the public DKIM key for a certain domain with the following contents:
<selector>._domainkey.<name of the domain for which you want to add the public DKIM key>. IN TXT ( "v=<DKIM version>; k=rsa; s=email" "p=<DNS record of the public DKIM key>" )For example, you can add the following string:
mail._domainkey.example.com IN TXT ( "v=DKIM1; k=rsa; s=email; " "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyb09IeTJtIxTEohP/wa8eZOuiFJxL3pjk+1R81ajQyTb4J8Dj23RbjOKCZGFdyJfj7MUUL9MpvAo6OL9KrfaF8ehR7MbHhaix1qPDfSP5a97vl9/6KR2TKJfi+0dQ/pMLJMbnXfdWeoDoDBUK0++B8HHCnSpLTxsH/YDOtjKaHFxbU6DMEICTiVBWR+yeWopdWi9kPNT5SJ5H" )See Document RFC 5617 for details on configuring settings of the DNS record of a public DKIM key.
- Save changes.
The syntax of the sample DNS record is provided for purposes of adding it to the settings of a BIND DNS server. The syntax of the DNS record to be added to other DNS servers may differ slightly from the example provided.
Adding the DKIM signature to messages from addresses from a specific domain
Before adding the DKIM signature to messages from addresses belonging to a certain domain, you have to create or import a DKIM key.
To add the DKIM key to messages sent from email addresses belonging to a certain domain:
- In the main window of the application web interface, open the management console tree and select the Domains section.
- If the workspace shows the value of the DKIM signature setting as Disabled, do the following:
- Click the DKIM signature link to open the DKIM settings window.
- In the DKIM signature drop-down list, select Enabled.
- Click OK.
The DKIM settings window closes.
- In the list of domains, select the domain for which you want to add the DKIM signature to outgoing messages.
- In the DKIM signature for messages from domain addresses section, click Add.
- The Creating DKIM signature for the domain window opens.
- In the Selector field, type the name that will help you find the DKIM signature.
- In the Key name list, select the DKIM key based on which the DKIM signature will be added to messages.
- Click OK.
The Creating DKIM signature for the domain window closes.
After you have configured the DKIM signature for messages in the web interface of Kaspersky Secure Mail Gateway, in order for the remote mail server to be able to verify this DKIM signature you have to add the public DKIM key to the settings of your DNS server.
Using the application via the SNMP protocol
This section provides instructions on using the application via the SNMP protocol and configuring traps for events that occur during operation of Kaspersky Secure Mail Gateway.
About receiving runtime information via the SNMP protocol
SNMP (Simple Network Management Protocol) – a protocol for managing network devices.
The SNMP protocol is used in Kaspersky Secure Mail Gateway as follows:
- SNMP agent – a network management software module of Kaspersky Secure Mail Gateway, which monitors the operation of Kaspersky Secure Mail Gateway.
- Kaspersky Secure Mail Gateway can send this information in the form of SNMP traps – application event notifications.
You can use the SNMP protocol to access the following information about Kaspersky Secure Mail Gateway:
- General information
- Runtime statistics of Kaspersky Secure Mail Gateway since the time of its installation
- Information about Kaspersky Secure Mail Gateway runtime events.
Read-only access is granted.
Enabling and disabling the use of the SNMP protocol in Kaspersky Secure Mail Gateway
To enable or disable the use of SNMP with Kaspersky Secure Mail Gateway:
- In the main window of the application web interface, open the management console tree and select the Settings section and SNMP subsection.
- Do one of the following:
- Flip on the toggle switch next to the name of the Use SNMP settings group to enable the use of SNMP.
- Flip off the toggle switch next to the name of the Use SNMP settings group to disable the use of SNMP.
Configuring the connection to the SNMP server
To configure the connection to the SNMP server:
- In the main window of the application web interface, open the management console tree and select the Settings section and SNMP subsection.
- Click the SNMP server connection address and port link or the SNMP server time-out link to open the SNMP server connection settings window.
- In the SNMP server connection address and port field, type the SNMP server connection address and port.
For example, you can type tcp:localhost:705.
- In the SNMP server time-out field, specify the maximum SNMP server time-out in seconds. You can specify a value in the range from 1 to 255 seconds.
The default value is 15 seconds.
- Click OK.
Enabling and disabling the transmission of SNMP traps
To enable or disable delivery of SNMP traps with information about Kaspersky Secure Mail Gateway runtime events:
- In the main window of the application web interface, open the management console tree and select the Settings section and SNMP subsection.
- Flip on the toggle switch next to the name of the Use SNMP settings group if it is off.
- In the Use SNMP section, do one of the following:
- Flip on the toggle switch next to the name of the Send SNMP traps group of settings to enable delivery of SNMP traps.
- Flip off the toggle switch next to the name of the Send SNMP traps group of settings to disable delivery of SNMP traps.
Enabling and disabling the transmission of SNMP traps for specific events
You can enable or disable the transmission of SNMP traps for each one of the following events:
- Database update error.
- Error compiling Anti-Spam database.
- Anti-Spam databases are obsolete.
- Anti-Spam databases are out of date.
- Anti-Virus databases are obsolete.
- Anti-Virus databases are out of date.
- Error placing message in Backup.
- Backup is almost full.
- Error deleting messages from Backup.
- Key is blacklisted.
- License has expired.
- License expires soon.
- Key has been added successfully.
- Key has been removed successfully.
- Process has terminated unexpectedly.
- Process restarted successfully.
- Application restarted successfully.
- Probably infected object is detected.
- Error during Anti-Spam scan.
- Error during Anti-Virus scan.
- LDAP server connection error.
- Successful connection to LDAP server.
To enable or disable transmission of SNMP traps for specific events:
- In the main window of the application web interface, open the management console tree and select the Settings section and SNMP subsection.
- Flip on the toggle switch next to the name of the Use SNMP settings group if it is off.
- Flip on the toggle switch next to the name of the Send SNMP traps settings group if it is off.
- In the Send SNMP Traps settings group, click the link with the name of an event for which you want to enable or disable delivery of SNMP traps (for example, Database update error), open the Send SNMP Traps window.
- In the list to the right of the event name (for example, Database update error) select one of the following options:
- Yes if you want to enable delivery of SNMP traps for the event.
- No if you want to disable delivery of SNMP traps for the event.
- Click OK.
Kaspersky Secure Mail Gateway event log
This section contains information about the Kaspersky Secure Mail Gateway event log.
About the event log
Various events occur during the operation of Kaspersky Secure Mail Gateway. They reflect changes in the status of the application. To allow the application administrator to analyze errors in application settings and enable Kaspersky Lab representatives to provide effective technical support, Kaspersky Secure Mail Gateway logs information about such events in the event log.
Event log data is stored for the entire duration of Kaspersky Secure Mail Gateway usage and is deleted permanently when the application is uninstalled. Event log files are automatically rotated when the files reach the file size limit.
Kaspersky Secure Mail Gateway keeps the event log in the system log of the operating system (syslog) in the Mail category. You can change the category of the event log in the system log.
Kaspersky Secure Mail Gateway categorizes events in terms of the following levels:
- Error – events involving application errors.
- Info – informational events.
Events of the Info level can contain email addresses of message senders and recipients, attachment names, IP addresses of computers from which messages were sent, and detailed information about message scan results.
By default, Kaspersky Secure Mail Gateway logs only events with the Info level of importance in the event log (see table below). You can configure all application events to be recorded in the log.
Events in the event log
Event |
Description |
Event level |
|---|---|---|
RuleSettingsChangedEvent |
Message processing rule settings have been changed. |
Info |
TaskSettingsChangedEvent |
Task settings have been changed. |
Info |
MessageProcessedEvent |
Message has been processed. |
Info |
MessageNotProcessedEvent |
Message has not been processed. |
Info |
MessageQuarantinedEvent |
Messages has been placed in Backup. |
Info |
ProductStartEvent |
Application has been started. |
Info |
ScheduledReportError |
Error creating scheduled report. |
Error |
ScheduledReportGenerated |
Scheduled report has been generated. |
Info |
BackupLimitReachedEvent |
Backup limit size has been reached. |
Info |
BackupRestoreAvThreatEvent |
Message from Backup has been saved to file or sent to recipients. |
Info |
BackupAddErrorEvent |
Error adding message to Backup. |
Error |
BackupRotateErrorEvent |
Error automatically freeing up space in Backup. |
Error |
AvUpdateErrorEvent |
Error updating Anti-Virus databases. |
Error |
AvBasesLoadError |
Error loading Anti-Virus databases. |
Error |
AspUpdateErrorEvent |
Error updating Anti-Spam databases. |
Error |
AspBasesLoadError |
Error loading Anti-Spam databases. |
Error |
ApUpdateErrorEvent |
Error updating Anti-Phishing databases. |
Error |
ApBasesLoadError |
Error loading Anti-Phishing databases. |
Error |
AvBasesAttachedEvent |
Anti-Virus databases have been updated successfully. |
Info |
ApBasesAttachedEvent |
Anti-Phishing databases have been updated successfully. |
Info |
AspBasesAttachedEvent |
Anti-Spam databases have been updated successfully. |
Info |
NothingToUpdateEvent |
No database update required. |
Info |
AvBasesOutdatedEvent |
Anti-Virus databases are out of date. |
Info |
AspBasesOutdatedEvent |
Anti-Spam databases are out of date. |
Info |
ApBasesOutdatedEvent |
Anti-Phishing databases are out of date. |
Info |
AvBasesObsoleteEvent |
Anti-Virus databases are obsolete. |
Info |
AspBasesObsoleteEvent |
Anti-Spam databases are obsolete. |
Info |
ApBasesObsoleteEvent |
Anti-Phishing databases are obsolete. |
Info |
AvBasesAppliedEvent |
Anti-Virus databases have been loaded successfully. |
Info |
AspBasesAppliedEvent |
Anti-Spam databases have been loaded successfully. |
Info |
ApBasesAppliedEvent |
Anti-Phishing databases have been loaded successfully. |
Info |
LicenseBlacklistedEvent |
Key is blacklisted. |
Error |
LicenseExpiredEvent |
License has expired. |
Error |
LicenseExpiresSoonEvent |
License expires soon. |
Info |
LicenseErrorEvent |
Key related error. |
Error |
LicenseInstalledEvent |
Key has been added successfully. |
Info |
LicenseRevokedEvent |
Key has been removed successfully. |
Info |
TaskCrashEvent |
Process returned an error. |
Error |
TaskRestartEvent |
Process has been restarted. |
Info |
QueueFlushMessageSuccessEvent |
Forced delivery of a single message from the queue is successful. |
Info |
QueueFlushMessageFailureEvent |
Forced delivery of a single message from the queue returned an error. |
Error |
QueueFlushAllSuccessEvent |
Forced delivery of all messages from the queue is successful. |
Info |
QueueFlushAllFailureEvent |
Forced delivery of all messages from the queue returned an error. |
Error |
QueueDeleteMessageSuccessEvent |
Removal of a single message from the queue is successful. |
Info |
QueueDeleteMessageFailureEvent |
Removal of a single message from the queue returned an error. |
Error |
QueueDeleteAllSuccessEvent |
Removal of all messages from the queue is successful. |
Info |
QueueDeleteAllFailureEvent |
Removal of all messages from the queue returned an error. |
Error |
MailProcessingChangeSuccessEvent |
Change of the message send or receive status: successful. |
Info |
MailProcessingChangeFailureEvent |
Change of the message send or receive status: error. |
Error |
TLSServerCertificateWasChanged |
Modifying a TLS certificate. |
Info |
Configuring the event log
You can select the category of the event log and specify the event log level.
By default, events are recorded in the log of the Mail category and have the Info event level.
To configure the event log:
- In the main window of the application web interface, open the management console tree and select the Settings section and General settings subsection.
- In the Event log settings section, click any link to open the Event log settings window.
- Select the event log category in the Syslog facility list.
- Select the event log level in the Event level list.
- Click OK.
Viewing the event log
To view the Kaspersky Secure Mail Gateway event log:
- In the main window of the application web interface, open the management console tree and select the Settings section and Log subsection.
- In the Log category list, select the category of the event log that you want to view.
- In the Last list, select the number of entries you want to view.
- Click the View button.
Downloading the event log to hard drive
To download the Kaspersky Secure Mail Gateway event log to the hard drive:
- In the main window of the application web interface, open the management console tree and select the Settings section and Log subsection.
- In the Log category list, select the category of the event log that you want to download.
- To the right of the Log category list, click the Download link to open the event log download window.
Kaspersky Secure Mail Gateway operation reports
This section provides instructions on creating and viewing mail server operation reports.
About Kaspersky Secure Mail Gateway operation reports
You can receive information about Kaspersky Secure Mail Gateway performance during a certain period from Kaspersky Secure Mail Gateway operation reports.
Reports contain the following information about the operation of Kaspersky Secure Mail Gateway:
- A consolidated report on the results of operation of Kaspersky Secure Mail Gateway components, which shows the quantity and volume of messages calculated based on the following parameters:
- Detected by Anti-Virus
- Detected by Anti-Spam
- Processed by Content filtering
- Detected by Anti-Phishing
- Sender's authenticity violations
- Clean
- Unscanned
- Total messages
- A consolidated report on actions taken by Kaspersky Secure Mail Gateway on messages, which reflects the quantity and volume of messages calculated based on the following parameters:
- Messages delivered, including:
- Clean
- Disinfected
- With deleted attachments
- Skipped
- Unscanned
- Messages not delivered, including:
- Deleted
- Rejected
- Postponed
- Total messages
- Messages delivered, including:
- A report on the results of operation of the Anti-Virus component, which reflects the number of messages that were scanned and skipped by the Anti-Virus component of Kaspersky Secure Mail Gateway during a certain period and contains statistics on detection of messages of the following types:
- Clean
- Infected
- Probably infected
- Encrypted
- A report on the results of operation of the Anti-Spam component, which reflects the number of messages that were scanned and skipped by the Anti-Spam component of Kaspersky Secure Mail Gateway during a certain period and contains statistics on detection of messages of the following types:
- Not spam
- Probable spam
- Mass mail
- Spam
- From untrusted sender
- A report on the results of operation of the Anti-Phishing component, which reflects the number of messages that were scanned and skipped by the Anti-Phishing component of Kaspersky Secure Mail Gateway during a certain period and contains statistics on detection of messages of the following types:
- Not phishing
- Phishing.
- Malicious link.
- A report on the results of content filtering of messages, which reflects the number of messages processed according to content filtering rules during a certain period calculated based on the following parameters:
- Messages without violations
- Messages exceeding the allowed size
- Messages with attachments having a forbidden name
- Messages with attachments of a forbidden type
- Report on the message processing rules applied.
- A report on the top ten spam sources, listing the addresses of sources and the number of times they triggered the Anti-Spam component.
- A report on the top ten email addresses to which the largest number of spam messages were sent, listing the email addresses of message recipients and the number of times they triggered the Anti-Spam component.
- A report on the top ten sources of malicious objects based on verdicts of the Anti-Virus component, listing the addresses of sources and the number of times they triggered the Anti-Virus component.
- A report on the top ten email addresses to which the largest number of malicious objects were sent based on verdicts of the Anti-Virus component, listing the addresses of recipients and the number of times they triggered the Anti-Virus component.
You can configure the following reports on the operation of the mail server:
- Daily.
- Weekly.
- Monthly.
- Custom.
Generating a custom report
To generate a custom report:
- In the main window of the application web interface, open the management console tree and select the Reports section and Custom subsection.
- Click the Create button in the upper part of the workspace.
The Custom report settings window opens.
- In the Reporting period list, select the period for which you want to generate a custom report, and do the following depending on the option you have selected:
- If you want to generate a report for a specific day, in the Day field enter the date for which you want to generate the report.
- If you want to generate a report for a specific month, in the Month field select the month for which you want to generate the report.
- If you want to generate a report for a specific year, in the Year field select the year for which you want to generate the report.
- If you want to generate a report for a specific date range, in the Date range field specify the start and end dates of the period for which you want to generate the report.
- In the Report language list, select the language in which the custom report will be generated.
- In the Format of report dates list, select the format of dates as you want them to appear in the custom report.
- If you want Kaspersky Secure Mail Gateway to send the custom report to email addresses, select the check box next to the name of the Enable report sending setting and do the following:
- Select the check box next to the name of the Send report to administrator setting if you want Kaspersky Secure Mail Gateway to send the custom report to the email addresses of the Kaspersky Secure Mail Gateway administrator.
- In the Send report to the following email addresses field, type the email address to which you want to configure the delivery of the custom report.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The email address you have added appears in the list under the entry field.
- Click OK.
The Custom report settings window closes.
The generated Kaspersky Secure Mail Gateway operation reports appear in the list in the workspace of the main window of the application web interface.
Enabling and disabling daily reports
To enable or disable Kaspersky Secure Mail Gateway daily reports:
- In the main window of the application web interface, open the management console tree and select the Reports section and Daily subsection.
- In the Generating Daily report section, do one of the following:
- Flip on the toggle switch next to the name of the Generating Daily report section to enable Kaspersky Secure Mail Gateway daily reports.
- Flip off the toggle switch next to the name of the Generating Daily report section to disable Kaspersky Secure Mail Gateway daily reports.
Configuring the daily report
To configure the Kaspersky Secure Mail Gateway daily report:
- In the main window of the application web interface, open the management console tree and select the Reports section and Daily subsection.
- In the Generating Daily report section, click any link to open the Daily report settings window.
- In the Report generation time field, specify the time at which the daily report will be generated.
Specify a time in the range of 00:00 to 23:59.
- In the Report language list, select the language in which the daily report will be generated.
- In the Format of report dates list, select the format of dates as you want them to appear in the daily report.
- If you want Kaspersky Secure Mail Gateway to send the daily report to email addresses, select the check box next to the name of the Enable report sending setting and do the following:
- Select the check box next to the name of the Send report to administrator setting if you want Kaspersky Secure Mail Gateway to send the daily report to the email addresses of the Kaspersky Secure Mail Gateway administrator.
- In the Send report to the following email addresses field, type the email address to which you want to configure the delivery of the daily report.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The email address you have added appears in the list under the entry field.
- Click OK.
The Daily report settings window closes.
The Generating Daily report section displays the Kaspersky Secure Mail Gateway daily report settings you have configured.
The generated Kaspersky Secure Mail Gateway weekly reports will appear in the list under the Generating Daily report section.
Enabling and disabling weekly reports
To enable or disable Kaspersky Secure Mail Gateway weekly reports:
- In the main window of the application web interface, open the administration console tree and select the Reports section and Weekly subsection.
- In the Generating Weekly report section, do one of the following:
- Flip on the toggle switch next to the name of the Generating Weekly report section to enable Kaspersky Secure Mail Gateway weekly reports.
- Flip off the toggle switch next to the name of the Generating Weekly report section to disable Kaspersky Secure Mail Gateway weekly reports.
Configuring the weekly report
To configure the Kaspersky Secure Mail Gateway weekly report:
- In the main window of the application web interface, open the administration console tree and select the Reports section and Weekly subsection.
- In the Generating Weekly report section, click any link to open the Weekly report settings window.
- In the Report generation time and day of week fields, select the day of the week and specify the time when the weekly report will be generated.
Specify a time in the range of 00:00 to 23:59.
- In the Report language list, select the language in which the weekly report will be generated.
- In the Format of report dates list, select the format of dates as you want them to appear in the weekly report.
- If you want Kaspersky Secure Mail Gateway to send the weekly report to email addresses, select the check box next to the name of the Enable report sending setting and do the following:
- Select the check box next to the name of the Send report to administrator setting if you want Kaspersky Secure Mail Gateway to send the weekly report to the email addresses of the Kaspersky Secure Mail Gateway administrator.
- In the Send report to the following email addresses field, type the email address to which you want to configure the delivery of the weekly report.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The email address you have added appears in the list under the entry field.
- Click OK.
The Weekly report settings window closes.
The Generating Weekly report section displays the Kaspersky Secure Mail Gateway weekly report settings you have configured.
The generated Kaspersky Secure Mail Gateway weekly reports will appear in the list under the Generating Weekly report section.
Enabling and disabling monthly reports
To enable or disable Kaspersky Secure Mail Gateway monthly reports:
- In the main window of the application web interface, open the management console tree and select the Reports section and Monthly subsection.
- In the Generating Monthly report section, do one of the following:
- Flip on the toggle switch next to the name of the Generating Monthly report section to enable Kaspersky Secure Mail Gateway monthly reports.
- Flip off the toggle switch next to the name of the Generating Monthly report section to disable Kaspersky Secure Mail Gateway monthly reports.
Configuring the monthly report
To configure the Kaspersky Secure Mail Gateway monthly report:
- In the main window of the application web interface, open the management console tree and select the Reports section and Monthly subsection.
- In the Generating Monthly report section, click any link to open the Monthly report settings window.
- In the Report generation day of the month and time fields, select the day of the month and specify the time when the monthly report will be generated.
Specify a time in the range of 00:00 to 23:59.
- In the Report language list, select the language in which the monthly report will be generated.
- In the Format of report dates list, select the format of dates as you want them to appear in the monthly report.
- If you want Kaspersky Secure Mail Gateway to send the monthly report to email addresses, select the check box next to the name of the Enable report sending setting and do the following:
- Select the check box next to the name of the Send report to administrator setting if you want Kaspersky Secure Mail Gateway to send the monthly report to the email addresses of the Kaspersky Secure Mail Gateway administrator.
- In the Send report to the following email addresses field, type the email address to which you want to configure the delivery of the monthly report.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The email address you have added appears in the list under the entry field.
- Click OK.
The Monthly report settings window closes.
The Generating Monthly report section displays the Kaspersky Secure Mail Gateway monthly report settings you have configured.
The generated Kaspersky Secure Mail Gateway weekly reports will appear in the list under the Generating Monthly report section.
Viewing Kaspersky Secure Mail Gateway operation reports
To view Kaspersky Secure Mail Gateway operation reports:
- In the main window of the application web interface, go to the console tree and select the Reports section and the subsection depending on the type of reports you want to view:
- All reports if you want to view all reports.
- Daily if you want to view daily reports.
- Weekly if you want to view weekly reports.
- Monthly if you want to view monthly reports.
- Custom if you want to view custom reports.
A page with the list of reports of the type you have selected opens.
- Click the PDF link in the row with the details of the report that you want to view.
The report is downloaded to hard drive of your computer in the folder specified as the destination folder for downloading files from the Internet in the settings of the web browser that you use to manage Kaspersky Secure Mail Gateway.
For example, if you are using the Microsoft Windows operating system and the Downloads folder is specified as the destination folder for downloading files from the Internet, the message is saved in the Downloads folder on the hard drive of your computer.
Deleting Kaspersky Secure Mail Gateway operation reports
To delete one or several Kaspersky Secure Mail Gateway operation reports:
- In the main window of the application web interface, go to the console tree and select the Reports section and the subsection depending on the type of reports you want to delete:
- All reports if you want to remove all reports from the list.
- Daily if you want to remove daily reports from the list.
- Weekly if you want to remove weekly reports from the list.
- Monthly if you want to remove monthly reports from the list.
- Custom if you want to remove custom reports from the list.
A page with the list of reports of the type you have selected opens.
- Select check boxes in rows with the details of reports you want to delete.
- Click the Delete button in the upper part of the workspace.
The selected reports are deleted.
Black and white lists of addresses
This section contains information about black and white lists of email addresses that you can create and edit in Kaspersky Secure Mail Gateway.
About black and white lists of addresses
Black and white lists of addresses can be used to fine-tune the mail system's response to messages that are not spam officially (such as news feeds). Black lists of addresses can also be used to configure the application to block messages containing threats and spam before Kaspersky Security databases have been updated.
There are two types of black and white lists of addresses:
- Custom. They contain addresses of message senders for the given recipient. A custom white list of addresses allows messages to pass through without anti-spam scanning. The messages are still scanned for phishing, viruses, and other threats, and content filtering is also performed.
- Global. Contain the addresses of message senders and recipients. You can configure such lits in the preset WhiteList and BlackList message processing rules. You can also create rules and specify the addresses of senders and recipients whose messages should be rejected without scanning or delivered without scanning. A global white list of addresses allows messages to pass through without scanning for spam, viruses, and phishing threats.
Messages whose sender and recipients have their addresses on a global black or white list of addresses are processed as follows:
- If the addresses of the sender and recipients of a message are on a global black list of addresses, the application rejects the message. The message does not reach the mail server of Kaspersky Secure Mail Gateway.
- If the addresses of the sender and recipients of a message are on a global white list of addresses, the application refers the message for further scanning, bypassing scanning by the Anti-Spam, Anti-Virus, and Anti-Phishing components.
- If the addresses of the sender and recipients of a message are both on the global white list and the global black list of addresses, the application processes the message according to a rule with a higher priority.
A message is processed according to the rule of a custom white list or personal black list of addresses if the rules of the global black list and global white list of addresses do not apply to it.
A message whose sender has his address on a custom black or white list of addresses is processed as follows:
- If the message sender's address is on a custom black list of addresses and one of the addresses of the message recipients belongs to the owner of the custom black list of addresses, the message is not delivered to the recipient who owns the custom black list. Depending on the action configured for messages from senders on a custom black list, the message is either deleted or quarantined.
- If the sender's address is on a custom white list of addresses, the message is delivered to the recipient depending on the results of scanning for viruses, phishing threats, and content filtering.
- If the sender's address is both on a custom white list and black list of addresses, the message is processed according to the rules of the personal white list of addresses.
Configuring the custom black list of addresses
To configure the custom black list of email addresses:
- In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
- In the Custom black list settings section, click any link to open the Black list settings window.
- In the If the sender's address is blacklisted list, select one of the following actions to take on messages:
- Delete message if you want to delete messages from a sender whose address is in the custom black list.
- Reject if you want to reject messages from a sender whose address is in the custom black list.
- In the Move message to Backup list, select one of the following values:
- Yes if you want to move messages from a sender whose address is in the custom black list to Backup.
- No if you do not want to move messages from a sender whose address is in the custom black list to Backup.
- Click the Apply button.
Viewing custom black and white lists of addresses
To be able to access custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to add a connection to an LDAP server.
To be able to manage custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to connect to an LDAP server.
To view custom black and white lists of email addresses:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the Custom Black and White lists of addresses settings group, click the Access to black and white lists link to open the Custom Black and White lists of addresses window.
- In the Search by user name or group name in the LDAP directory service field, type a search string for searching custom black and white lists of addresses by user name or group name in the LDAP directory service.
- Click the Find button on the right of the entry field.
A list of LDAP accounts matching the search string you specified appears under the entry field.
- Click the LDAP account of the user whose custom black and white lists of addresses you want to view.
- After you finish managing the user's custom lists, click the Close button.
The Custom black and white lists of addresses window closes.
Adding addresses to custom black and white lists of addresses
To be able to access custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to add a connection to an LDAP server.
To be able to manage custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to connect to an LDAP server.
To add addresses to custom black and white lists of email addresses:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the Custom Black and White lists of addresses settings group, click the Access to black and white lists link to open the Custom Black and White lists of addresses window.
- In the Search by user name or group name in the LDAP directory service field, type a search string for searching custom black and white lists of addresses by user name or group name in the LDAP directory service.
- Click the Find button on the right of the entry field.
A list of LDAP accounts matching the search string you specified appears under the entry field.
- Click the LDAP account of the user to whose custom black and white lists of addresses you want to add addresses.
The custom black and white lists of addresses appear in the lower part of the window.
- In the address entry field of the list of addresses to which you want to add email addresses, type the email address that you want to add.
The email addresses are entered one at a time. Repeat the process of adding addresses to the list for all email addresses that you are adding.
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "reg".
Regular expressions are not case-sensitive.
- Click the Add button to the right of the entry field.
The email address that has been added appears in the list you have selected.
- After you finish managing the user's custom lists, click the Apply button.
The Custom black and white lists of addresses window closes.
Removing addresses from custom black and white lists of addresses
To be able to access custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to add a connection to an LDAP server.
To be able to manage custom black and white lists of addresses from the web interface of Kaspersky Secure Mail Gateway, you have to connect to an LDAP server.
To remove addresses from custom black and white lists of email addresses:
- In the main window of the application web interface, open the management console tree and select the Settings section and LDAP subsection.
- In the Custom Black and White lists of addresses settings group, click the Access to black and white lists link to open the Custom Black and White lists of addresses window.
- In the Search by user name or group name in the LDAP directory service field, type a search string for searching custom black and white lists of addresses by user name or group name in the LDAP directory service.
- Click the Find button on the right of the entry field.
A list of LDAP accounts matching the search string you specified appears under the entry field.
- Click the LDAP account of the user from whose custom black and white lists of addresses you want to remove addresses.
The custom black and white lists of addresses appear in the lower part of the window.
- In the list of addresses from which you want to remove the address, select the email address that you want to remove.
The email addresses are deleted one at a time. Repeat the process of removing addresses from the list for all email addresses that you are deleting.
- Click the Delete button on the right of the list of addresses.
The email address is removed from the list of you have selected.
- After you finish managing the user's custom lists, click the Apply button.
The Custom black and white lists of addresses window closes.
Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
This section contains information about using the TLS protocol in the operation Kaspersky Secure Mail Gateway and instructions on how to configure the protocol usage settings.
About using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
TLS (Transport Layer Security) protocol is a protocol for encrypting the connection between two servers, which ensures secure transmission of data between network nodes on the Internet.
TLS session is a sequence of the following events:
- The server from which email messages are sent (Client) establishes a connection to the server to which email messages are sent (Server).
- Servers start interacting via the SMTP protocol.
- The Client uses the
STARTTLScommand to offer the Server to use TLS during SMTP interaction. - If the Server is able to use TLS, it responds with the
STARTTLScommand and sends the certificate of the Server to the Client. - The Client receives the certificate and, if the relevant parameter values are specified in it, verifies the authenticity of the Server certificate.
- The Client and the Server enable the data encryption mode.
- The servers exchange data.
- The session ends.
You can configure TLS security mode for situations when Kaspersky Secure Mail Gateway receives messages from another server (acts in the Server role) and sends messages to another server (acts in the Client role), as well as configure TLS settings for individual domains and domain groups that use the same IP address.
Configuring TLS security for Kaspersky Secure Mail Gateway in Server role
To configure TLS security mode for situations when Kaspersky Secure Mail Gateway receives messages from another server (acts in the Server role):
- In the main window of the application web interface, open the management console tree and select the Domains section.
- Click any link to open the TLS settings window.
- In the Server TLS security level settings group, select one of the following modes of TLS encryption of the connection between Kaspersky Secure Mail Gateway and the server that sends email messages:
- No TLS Encryption if you do not want to use TLS encryption of the connection to the server that sends email messages.
In this case, Kaspersky Secure Mail Gateway receives all messages in unencrypted form.
- Accept TLS Encryption if you want Kaspersky Secure Mail Gateway to offer TLS encryption of the connection to the server that sends email messages.
In this case, Kaspersky Secure Mail Gateway uses the
STARTTLScommand to offer the server that sends email messages to use TLS encryption, but accepts messages regardless of the server's response. - Require TLS Encryption if you want Kaspersky Secure Mail Gateway to require the server that sends email messages to use TLS encryption of the connection.
In this case, the server that is sending email messages (Client) uses the
STARTTLScommand to offer Kaspersky Secure Mail Gateway to use TLS encryption. Kaspersky Secure Mail Gateway responds with theSTARTTLScommand and sends the Server certificate to the Client and also requires the Client to verify the authenticity of the Server certificate. The encrypted TLS connection is established after the Client has verified the authenticity of the Server certificate.
- No TLS Encryption if you do not want to use TLS encryption of the connection to the server that sends email messages.
- In the Providing Server TLS certificate settings group, select the TLS certificate of the server to be sent by Kaspersky Secure Mail Gateway to the Client for authentication at the beginning of each TLS session.
You can create or import a TLS certificate in the Encryption keys section, TLS subsection of the main window of the Kaspersky Secure Mail Gateway web interface.
- In the Requesting Client TLS certificate settings group, select one of the following options:
- Do not request if you want Kaspersky Secure Mail Gateway not to request the client's TLS certificate.
- Request if you want Kaspersky Secure Mail Gateway to request the client's TLS certificate but to still be able to redirect messages regardless of the certificate verification result.
- Require if you want Kaspersky Secure Mail Gateway to require the client's TLS certificate and not forward messages on detecting an invalid name or invalid TLS certificate of the client.
Set the Request or Require mode only if you are certain that the clients supported by your mail server can provide a verifiable TLS certificate.
- Click OK.
Configuring TLS security for Kaspersky Secure Mail Gateway in Client role
To configure TLS security mode for situations when Kaspersky Secure Mail Gateway redirects messages from another server (acts in the Client role):
- In the main window of the application web interface, open the management console tree and select the Domains section.
- Click any link to open the TLS settings window.
- In the Client TLS security level settings group, select one of the following modes of TLS encryption of the connection between Kaspersky Secure Mail Gateway and the server that receives email messages:
- No TLS Encryption if you do not want to use TLS encryption of the connection to the server that receives email messages.
In this case, Kaspersky Secure Mail Gateway redirects all messages in unencrypted form.
- Attempt TLS Encryption if you want Kaspersky Secure Mail Gateway to attempt establishing a TLS session with the receiving mail server and—if the receiving server does not support TLS—redirect messages in unencrypted form.
- Require TLS Encryption and don't verify certificate if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, but regardless of the authenticity of its TLS certificate.
- Require TLS Encryption and verify certificate if you want Kaspersky Secure Mail Gateway to redirect messages only if the receiving mail server supports TLS, its TLS certificate has been verified, and the certificate name matches the domain name of the server.
Kaspersky Secure Mail Gateway does not redirect messages when these conditions are not satisfied.
- No TLS Encryption if you do not want to use TLS encryption of the connection to the server that receives email messages.
- Click OK.
Creating a TLS certificate
To create a TLS certificate:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and TLS subsection.
- Click the Create button in the upper part of the workspace.
The Create TLS certificate window opens.
- In the TLS certificate name, type the name of the TLS certificate to be sent to the SMTP client for authentication at the beginning of each TLS session.
The TLS certificate of the server is provided when Kaspersky Secure Mail Gateway acts in the role of a mail server (receives messages).
The TLS certificate name cannot be blank.
- In the Country code field, type the two-letter code of the country in which your organization is located.
For example, you can type RU for Russia or US for the USA.
- In the State field, type the name of the state or region where your organization is located.
- In the Locality field, type the name of the city where your organization is located.
- In the Organization Unit field, type the name of the organizational unit for which you are creating the TLS certificate.
- In the Email address field, specify the email address of the Kaspersky Secure Mail Gateway administrator.
- Click OK.
The TLS certificate you have created appears in the list of TLS certificates in the workspace of the main window of the application web interface.
Deleting a TLS certificate
To delete a TLS certificate:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and TLS subsection.
- In the list of TLS certificates, select the check box next to the name of one or several certificates that you want to delete.
- Click the Delete button in the upper part of the workspace.
The Delete action confirmation window opens.
- Click Yes.
The Delete window closes.
The TLS certificate is deleted.
Preparing a self-signed TLS certificate for import
A self-signed TLS certificate intended to be imported into Kaspersky Secure Mail Gateway must meet the following requirements:
- The certificate file must have a unique name in the list of certificates used in Kaspersky Secure Mail Gateway.
- The certificate file and the private key file must be in PEM format.
- The key length must be 1024 bits or longer.
By way of an example, below are instructions on how to prepare for import the self-signed TLS server certificate server_cert.pem, whose private key is contained in the key.pem file.
To prepare a self-signed TLS certificate for import into Kaspersky Secure Mail Gateway:
- In the private key file, remove the password (if any) for accessing the certificate. To do so, execute the command:
# openssl rsa -in <name of the private key file>.pem -out <name of the private key file with the password removed>.pemFor example, you can execute the following command:
# openssl rsa -in key.pem -out key-nopass.pem - Combine the private key and the server certificate in a single file. To do so, execute the command:
% cat <name of the private key file with the password removed>.pem <name of the server certificate>.pem <name of the server certificate after the files were combined>.pemFor example, you can execute the following command:
% cat key-nopass.pem server_cert.pem > cert.pem
The self-signed TLS certificate (for example, cert.pem) is ready for import into Kaspersky Secure Mail Gateway.
Preparing to import a TLS certificate signed by a certification authority
A TLS certificate signed by a certification authority (CA certificate) intended for import into Kaspersky Secure Mail Gateway must meet the following requirements:
- The certificate file must have a unique name in the list of certificates used in Kaspersky Secure Mail Gateway.
- The files of the server certificate, intermediate and root CA certificates, and the private key file must be in PEM format.
- The key length must be 1024 bits or longer.
- You must have the complete certificate chain – the path from the server certificate to the roof CA certificate.
On receiving the CA certificate, you may need to use the intermediate certificate in addition to the server certificate.
- Certificates must be specified in the certificate chain in the following order: first the server certificate followed by intermediate CA certificates.
- Intermediate certificates must not be skipped in the certificate chain.
- The certificate chain must not include any certificates unrelated to current certification.
By way of an example, below are instructions on how to prepare for import a TLS server certificate signed by a certification authority, server_cert.pem, whose private key is contained in the key.pem file. The name of the intermediate server certificate is intermediate CA. The name of the root certificate is root CA.
To prepare a TLS certificate signed by a certification authority for import into Kaspersky Secure Mail Gateway:
- In the file of the TLS certificate, remove the password (if any) for accessing the certificate. To do so, execute the command:
# openssl rsa -in <name of the private key file>.pem -out <name of the private key file with the password removed>.pemFor example, you can execute the following command:
# openssl rsa -in key.pem -out key-nopass.pem - Do one of the following:
- If you are certain that the clients to which the server will provide this certificate have their own copies of the root and intermediate CA certificates, combine the private key, server certificate, intermediate and root CA certificates into a single file. To do so, execute the command:
% cat <name of the private key file with the password removed>.pem <name of the server certificate>.pem <name of the intermediate CA certificate>.pem <name of the root CA certificate>.pem <name of the TLS certificate after the files were combined>.pemFor example, you can execute the following command:
% cat key-nopass.pem server_cert.pem intermediate_CA.pem root_CA.pem > cert.pem - If you are not sure that the clients to which the server will provide this certificate have their own copies of the root and intermediate CA certificates, combine the private key and server certificate into a single file. To do so, execute the command:
% cat <name of the private key file with the password removed>.pem <name of the server certificate>.pem <name of the server certificate after the files were combined>.pemFor example, you can execute the following command:
% cat key-nopass.pem server_cert.pem > cert.pem
- If you are certain that the clients to which the server will provide this certificate have their own copies of the root and intermediate CA certificates, combine the private key, server certificate, intermediate and root CA certificates into a single file. To do so, execute the command:
The TLS certificate signed by the certification authority (for example, cert.pem) is ready for import into Kaspersky Secure Mail Gateway.
Importing the TLS certificate from file
Before importing TLS certificates via the web interface of Kaspersky Secure Mail Gateway, you have to prepare them for import.
You can prepare certificates of the following types for import:
- Self-signed TLS certificate
- TLS certificate signed by a certification authority (hereinafter also “CA certificate”).
Self-signed certificates are normally used to test and debug SSL and TLS encryption of connections. You are advised to use certificates signed by a certification authority (CA certificates) on public servers.
To import a TLS certificate from file:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and TLS subsection.
- Click the Import from file button in the upper part of the workspace.
The Import TLS certificate window opens.
- In the TLS certificate name field, type the name that you want to assign to the TLS certificate being imported.
- Click the Browse button to the right of the Choose TLS certificate file field.
The file selection window opens in the web browser that you use.
- Choose the file of the TLS certificate that you want to import and click the Open button in your web browser.
The certificate file (Preparing a self-signed TLS certificate for import, Preparing to import a TLS certificate signed by a certification authority) must contain the TLS certificate and a private TLS key with the pem extension. The private key must not be encrypted or password-protected.
The file selection window closes.
- Click OK.
The Import TLS certificate window closes.
The TLS certificate appears in the list of TLS certificates in the workspace of the main window of the application web interface.
Kaspersky Secure Mail Gateway message queue
This section contains information about Kaspersky Secure Mail Gateway message queues.
Searching messages in the message queue
To configure the settings that control the search of messages in the queue of the MTA:
- In the main window of the application web interface, open the management console tree and select the Message Queue section.
- In the section for selecting messages, the sender and recipient under the toolbar, click any link to open the Search filter window.
- Select the queue in which you want to find messages. For example, you can select the Deferred, Active, Inbound (Maildrop and Incoming queues) queue or select several types of queues.
By default, messages are searched in all queues.
- In the Message ID in queue field, specify the ID of the message in the queue.
By default, the search results show messages from all queues.
- In the From field, specify the message sender.
By default, the search results show messages from all senders.
- In the To field, specify the message recipient.
By default, the search results show messages to all recipients.
- In the Period list, select the period within which messages should be searched. For example, you can search messages for the last hour, day, week, or year.
You can also specify a custom period for searching messages. To do so, perform the following:
- In the Period list, select Custom.
- Specify the start and end dates and times of the search period.
By default, the search results show messages processed during the last hour.
- Specify the size range of messages to be searched. To do so, perform the following:
- Select the range criterion.
For example, you can select Less than or equal to or Greater than or equal to.
- Specify the size of a message in kilobytes to set the size range for messages.
By default, the message size is not limited.
- Select the range criterion.
- Click OK.
A list of queued messages formed according to the filter criteria appears in the workspace of the Message Queue section in the main window of the Kaspersky Secure Mail Gateway web interface.
If the message search filter is not specified, the list shows all queued messages.
Forced delivery and removal of messages from the queue
To forcedly send or remove messages from the queue of the MTA:
- In the main window of the application web interface, open the management console tree and select the Message Queue section.
- View the list of queued messages in the workspace.
- To the left of the queue type name, select check boxes next to the messages that you want to process.
- Click one of the following buttons on the toolbar in the upper part of the workspace:
- Flush if you want to forcedly send the selected messages.
- Flush All if you want to forcedly send all messages.
Frequent attempts to deliver undelivered messages out of turn affect the speed with which the other messages are sent.
- Delete if you want to delete the selected messages.
- Delete All if you want to delete all messages.
The operation of removing all messages from the queue permanently removes all data from the queue, including messages that have been received but not processed yet.
Kaspersky Secure Mail Gateway trace log
The trace log of Kaspersky Secure Mail Gateway system services is created automatically and stored on the virtual machine in unencrypted form in the /var/log/ folder and its subfolders.
Since the trace log may contain personal data of users, the Kaspersky Secure Mail Gateway administrator has to ensure protection of such data manually.
To view the contents of the trace log:
- Open the administrator's menu of Kaspersky Secure Mail Gateway.
- Select View logs in the menu.
A list of folders with trace files is displayed (see figure below).
Viewing trace files
- Select the file or folder that you need.
The contents of the selected file or folder are displayed.
Page topContacting the Technical Support Service
This section describes the ways to get technical support and the terms on which it is available.
How to obtain Technical Support
If you cannot find a solution to your problem in the application documentation or in one of the sources of information about the application, we recommend that you contact Technical Support. Technical Support specialists will answer your questions about installing and using the application.
Technical support is only available to users who purchased the commercial license. Users who have received a trial license are not entitled to technical support.
Before contacting Technical Support, please read the support rules.
You can contact Technical Support in one of the following ways:
- by calling the Technical Support Service by phone
- By sending a request to Technical Support from the Kaspersky CompanyAccount portal.
Technical support by phone
In most regions, you can call Technical Support representatives. You can find information on ways to receive technical support in your region and contacts for Technical Support on the website of Kaspersky Lab Technical Support.
Before contacting Technical Support, please read the support rules.
Page topTechnical Support via Kaspersky CompanyAccount
Kaspersky CompanyAccount is a portal for companies that use Kaspersky Lab applications. The portal Kaspersky CompanyAccount is designed to facilitate interaction between users and Kaspersky Lab specialists via online requests. The portal Kaspersky CompanyAccount lets you monitor the progress of electronic request processing by Kaspersky Lab specialists and store a history of electronic requests.
You can register all of your organization's employees under a single account on Kaspersky CompanyAccount. A single account lets you centrally manage electronic requests from registered employees to Kaspersky Lab and also manage the privileges of these employees via Kaspersky CompanyAccount.
The portal Kaspersky CompanyAccount is available in the following languages:
- English
- Spanish
- Italian
- German
- Polish
- Portuguese
- Russian
- French
- Japanese
To learn more about Kaspersky CompanyAccount, visit the Technical Support website.
Page topGlossary
Anti-Phishing
A component of Kaspersky Secure Mail Gateway that filters out phishing messages.
Anti-Spam
A component of Kaspersky Secure Mail Gateway that filers out messages categorized as spam or probable spam.
Anti-Virus
A component of Kaspersky Secure Mail Gateway that filters out infected and probably infected email messages and attachments.
Backup
A special storage for backup copies of files that are created before disinfection or deletion is attempted.
Directory service
A software system that can store information about network resources (such as users) in one place and provides centralized management capabilities.
DKIM message authentication
Verification of the digital signature added to messages.
DMARC message authentication
Authentication performed to verify that the message was actually sent from the specified domain.
DNSBL
DNS blacklist or DNS blocklist. Custom list of DNSBL servers used to improve the accuracy of spam detection. DNSBL servers stores lists of IP addresses that were previously detected as sources of spam and to which the Anti-Spam engine assigns a spam rating and one of the Anti-Spam message scan status labels.
Email notification
An email message describing an application event or a message scan event, which Kaspersky Secure Mail Gateway sends to the specified email addresses.
Heuristic analysis
The technology designed to detect threats that cannot be detected using the current version of Kaspersky Lab application databases. It detects files that may be infected with an unknown virus or a new variety of a known virus.
Files in which malicious code is detected during heuristic analysis are marked as probably infected.
Kaspersky Security Network (KSN)
An infrastructure of cloud services that provides access to the online Knowledge Base of Kaspersky Lab which contains information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to threats, improves the performance of some protection components, and reduces the likelihood of false alarms.
Key file
A xxxxxxx.key file that allows using a Kaspersky Lab application on the terms of a trial or commercial license. The application generates the key file based on the activation code. The application can be used only with a key file.
LDAP
Lightweight Directory Access Protocol for accessing directory services.
Malicious links
Web addresses leading to malicious resources, i.e. web resources designed to spread malware.
Phishing
A type of Internet fraud aimed at obtaining unauthorized access to users' confidential data.
Probably infected object
An object whose code contains portions of modified code from a known threat, or an object whose behavior is similar to that of a threat.
Reputation filtering
A cloud service that uses technologies for determining the reputation of messages. Information about new kinds of spam appears in the cloud service sooner than in Anti-Spam module databases, making it possible to improve the speed and accuracy of spam detection.
SNMP agent
A network management software module of Kaspersky Secure Mail Gateway, which monitors the operation of Kaspersky Secure Mail Gateway.
SNMP trap
An application event notification sent by the SNMP agent.
Spam
Unsolicited mass email mailings, most often including advertisements
SPF message authentication
Comparison of IP addresses of message senders with the list of possible message sources, which has been created by the mail server administrator.
SURBL
Spam URI Realtime Blocklists. Custom list of SURBL servers used to improve the accuracy of spam detection. SURBL servers store lists of web addresses that were previously detected in the subject or body of messages recognized as spam and to which the Anti-Spam engine assigns a spam rating and one of the Anti-Spam message scan status labels.
Virtual machine
A fully isolated software system that executes machine-independent or machine code of the processor and can imitate the operating system of an application or device (such as a computer).
Page topAO Kaspersky Lab
Kaspersky Lab is a world-renowned vendor of systems protecting computers against various threats, including viruses and other malware, unsolicited email (spam), network and hacking attacks.
In 2008, Kaspersky Lab was rated among the world’s top four leading vendors of information security software solutions for end users (IDC Worldwide Endpoint Security Revenue by Vendor). Kaspersky Lab is the preferred vendor of computer protection systems for home users in Russia (“IDC Endpoint Tracker 2014”).
Kaspersky Lab was founded in Russia in 1997. It has since grown into an international group of companies with 34 offices in 31 countries. The company employs more than 3000 qualified specialists.
Products. Kaspersky Lab’s products provide protection for all systems—from home computers to large corporate networks.
The personal product range includes security applications for desktop, laptop, and tablet computers, smartphones and other mobile devices.
The company offers protection and control solutions and technologies for workstations and mobile devices, virtual machines, file and web servers, mail gateways, and firewalls. The company's portfolio also features specialized products providing protection against DDoS attacks, protection for industrial control systems, and prevention of financial fraud. Used in conjunction with Kaspersky Lab’s centralized management system, these solutions ensure effective automated protection for companies and organizations of any size against computer threats. Kaspersky Lab's products are certified by the major test laboratories, are compatible with the software of many suppliers of computer applications, and are optimized to run on many hardware platforms.
Kaspersky Lab’s virus analysts work around the clock. Every day they uncover hundreds of thousands of new computer threats, create tools to detect and disinfect them, and include them in databases used by Kaspersky Lab applications.
Technologies. Many technologies that are now part and parcel of modern anti-virus tools were originally developed by Kaspersky Lab. It is no coincidence that many other developers use the Kaspersky Anti-Virus kernel in their products, including: Alcatel-Lucent, Alt-N, Asus, BAE Systems, Blue Coat, Check Point, Cisco Meraki, Clearswift, D-Link, General Dynamics, Facebook, Juniper Networks, Lenovo, H3C, Microsoft, NETGEAR, Openwave Messaging, Parallels, Qualcomm, Samsung, Stormshield, Toshiba, Trustwave, Vertu, ZyXEL. Many of the company’s innovative technologies are patented.
Achievements. Over the years, Kaspersky Lab has won hundreds of awards for its services in combating computer threats. Following tests and research conducted by the reputed Austrian test laboratory AV-Comparatives in 2014, Kaspersky Lab ranked among the top two vendors by the number of Advanced+ certificates earned and was eventually awarded the Top Rated certificate. But Kaspersky Lab's main achievement is the loyalty of its users worldwide. The company’s products and technologies protect more than 400 million users, and its corporate clients number more than 270,000.
Kaspersky Lab’s website: |
|
Virus encyclopedia: |
|
Virus Lab: |
http://newvirus.kaspersky.com (for analyzing suspicious files and websites) |
Kaspersky Lab’s web forum: |
Page top
Information about third-party code
Information about third-party code is contained in the file legal_notices.txt, in the application installation folder.
Page topTrademark notices
Registered trademarks and service marks are the property of their respective owners.
Google Chrome is a trademark of Google, Inc.
Linux is a trademark of Linus Torvalds registered in the USA and elsewhere.
Active Directory, Internet Explorer, Microsoft, and Windows are trademarks of Microsoft Corporation registered in the United States of America and elsewhere.
Mozilla and Firefox are Trademarks of the Mozilla Foundation.
Red Hat is a trademark of Red Hat Inc. registered in the United States of America and elsewhere.
Debian is a registered trademark of Software in the Public Interest, Inc.
VMware, ESXi and VMware vSphere are trademarks of VMware, Inc or trademarks of VMware, Inc. registered in the United States or other jurisdictions.
Page top