Configuring content filtering by attachment name

To configure content filtering of messages by attachment name:

  1. Export rule settings to an XML file using the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --get-rule-settings <rule ID> -f <rule settings file name> or

    --get-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

  2. Open the XML file to edit the rule settings.
  3. Enable content filtering of messages. To do so, in the <engineSettings> subsection of the <cfScanSettings> section, specify the value 1 for the <enableScan> setting.
  4. In the <cfScanSettings> section, <engineSettings> subsection, in the <bannedFileNames> setting, specify file names that are banned in attachments.

    You can use masks and regular expressions in attached file names. Names can contain any characters. Use semicolons ";" to separate the names.

    Regular expressions and masks are not case-sensitive.

    For example, you can enter the *.exe name mask to restrict transmission of messages that include attachments with the EXE extension.

    If you need to add several file names, each file name must be in a separate <item> section, typed in a new string of the settings file.

    Example:

    <bannedFileNames>

    <item>*.exe</item>

    </bannedFileNames>

    Example of adding common executable files to the list of banned attachments:

    Example:

    <bannedFileNames>

    <item>re:.*\.(scr|cpl|com|bat|cmd|vbs|pif|lnk|url|exe|bvs|spl|dll)$</item>

    <item>re:^[^\t\n]*\.[A-Za-z0-9]+\.(exe|vbs|cpl|dll)[. ]*$</item>

    </bannedFileNames>
  5. Specify the action you want the application to take on messages with attachments that have forbidden names. To do so, in the <cfScanSettings> section, specify the value Skip, DeleteMessage, DeleteAttachment or Reject for the <bannedFileNameAction> setting.

    The default action is Reject.

  6. If necessary, you can configure the application to move copies of messages with attachments that have forbidden names to Backup. To do so, in the <cfScanSettings> section, specify the value 1 for the <backupBannedFileName> setting.
  7. Save the changes made.
  8. To import rule settings from an XML file, use the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --set-rule-settings <rule ID> -f <rule settings file name> or

    --set-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

Page top