Content filtering of messages

This section contains information about content filtering of messages and how to configure it.

About content filtering

Kaspersky Secure Mail Gateway can perform content filtering of messages that pass through the mail server. You can restrict transmission of messages with specific parameters by the mail server.

Content filtering of messages is performed according to one of the following parameters:

• Message size
• Masks of attachment names
• Attachment formats

You can specify the maximum size of messages with attachments, specify mask of forbidden names of attached files, or specify forbidden formats of attached files.

As a result of content filtering, Scan Logic assigns messages one of the following statuses:

Depending on the status assigned, the application performs actions in accordance with the message processing rule settings. You can specify actions to be performed by the application on messages with a certain status. The default action performed on messages is Reject.

About message content filtering status labels

As a result of content filtering, the Scan Logic message scanning control module assigns one of the following content filtering statuses to messages:

• Clean – the message has not been found to contain any violations of restrictions specified in content filtering settings.
• Banned Attachment Name – the message contains an attachment with a banned name.
• Banned Attachment Type – the message contains an attachment having a banned file format.
• Message Size Exceeded – the message exceeds the maximum allowed size.

Enabling and disabling content filtering of messages

To enable or disable content filtering of messages:

1. In the main window of the application web interface, open the management console tree and select the Settings section and Protection subsection.
2. In the Content filtering section, do one of the following:
   • Flip on the toggle switch next to the name of the Content filtering section to enable content filtering of messages.
   • Flip off the toggle switch next to the name of the Content filtering section to disable content filtering of messages.

Enabling and disabling content filtering of messages for a rule

You can enable or disable content filtering of messages for one or several rules. By default, content filtering of messages is disabled.

Before enabling or disabling content filtering of messages for a rule, make sure that content filtering in Kaspersky Secure Mail Gateway is enabled.

To enable or disable content filtering of messages for a rule:

1. In the main window of the application web interface, open the management console tree and select the Rules section.
2. In the list of rules, click the name of the rule to open the rule for which you want to enable or disable content filtering of messages.
3. Select the Content filtering section.
4. Do one of the following:
   • Flip on the toggle switch next to the name of the Content filtering settings group to enable content filtering of messages for a rule.
   • Flip off the toggle switch next to the name of the Content filtering settings group to disable content filtering of messages for a rule.
5. Click the Apply button in the lower part of the workspace.

Configuring settings of message content filtering for a rule

To configure message content filtering settings for a rule:

1. In the main window of the application web interface, open the management console tree and select the Rules section.
2. In the rules list, click the name of the rule to open the rule for which you want to configure the message content filtering settings.
3. Select the Content filtering section.
4. Flip on the toggle switch next to the name of the Content filtering settings group if it is off.
5. To restrict transmission of messages containing attachments of a certain size:
   1. In the If the allowed message size is exceeded settings group, click the Message size limit link to open the Attachment size scan limit window.
   2. In the field under the window name, enter the maximum size of objects in the range from 0 KB to 1048576 KB (1 GB).

      If the value is set to 0 KB, no restrictions apply to the size of objects.

   3. Click OK.

      The Attachment size scan limit window closes.

6. To restrict transmission of messages containing attachments of a certain format:
   1. In the If attachment type is forbidden settings group, click the link on the right of the Forbidden formats of attachments setting to open the Forbidden attachment types window.
   2. Select check boxes next to the formats of attachments the transmission of which you want to restrict.

      You can restrict transmission of messages with the following attachments:

      • Executable files (e.g., EXE; DLL; OCX)
      • Document files (e.g., DOC; XLS; PDF; PPT)
      • Multimedia files (e.g., AVI; WMV; MP3)
      • Graphic files (e.g., JPG; BMP; WMF)
      • Archives (e.g., ZIP; RAR; TGZ)
      • Databases (e.g., ACCDB; ACCDC; MDB)
      • Other files (e.g., TXT; CHM; HTM)
   3. Click the Close button.

      The Forbidden attachment types window closes.

7. To restrict transmission of messages containing attachments with specific names:
   1. In the If attachment name is forbidden settings group, click the link on the right of the Forbidden names of attachments setting to open the Forbidden names window.
   2. In the field under the window name, enter the masks of names of attachments the transmission of which you want to restrict.

      Masks can contain any symbols. Separate masks with the ";" symbol.

      For example, you can enter the *.exe name mask to restrict transmission of messages that include attachments with the exe extension.

   3. Click OK.

      The Forbidden names window closes.

8. Click the Apply button in the lower part of the workspace.

In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that content filtering of messages is enabled for the rule and the rule for which you have configured settings is enabled.

Configuring actions to take on messages during content filtering

To configure the actions to be performed by Kaspersky Secure Mail Gateway on messages during content filtering:

1. In the main window of the application web interface, open the management console tree and select the Rules section.
2. In the list of rules, click the link with the name of the rule to open the rule for which you want to configure actions on messages during content filtering.
3. Select the Content filtering section.
4. Flip on the toggle switch next to the name of the Content filtering settings group if it is off.
5. In the If the allowed message size is exceeded drop-down list, select one of the following actions to be performed on messages containing attachments whose size exceeds the limit:
   • Delete message.
   • Reject.
   • Skip.
6. In the If attachment type is forbidden drop-down list, select one of the following actions to be taken on messages containing attachments of a forbidden format:
   • Delete message.
   • Delete attachment.
   • Reject.
   • Skip.
7. In the If attachment name is forbidden drop-down list, select one of the following actions to be taken on messages containing attachments with forbidden names:
   • Delete message.
   • Delete attachment.
   • Reject.
   • Skip.
8. Click the Apply button in the lower part of the workspace.

In order for the settings you have configured to be used during operation of Kaspersky Secure Mail Gateway, make sure that content filtering of messages is enabled for the rule and the rule for which you have configured settings is enabled.