- Kaspersky Secure Mail Gateway
- The Kaspersky Secure Mail Gateway interface
- Program licensing
- About the End User License Agreement
- About the license
- About the license certificate
- About the key
- About the key file
- About the activation code
- About the subscription
- About data provision
- Viewing information about the license and added keys
- Updating of license and added keys information
- Adding a key file
- Adding an activation code
- Removing a key
- Modes of Kaspersky Secure Mail Gateway operation under license
- Notifications that the license expires soon
- Purchasing a license
- Mail server protection status
- Getting started with the program web interface
- Integrating Kaspersky Secure Mail Gateway into the corporate mail infrastructure
- Direct integration using a Quick Setup Wizard
- Integration through an edge gateway (SMTP verification of recipient email addresses is enabled) with the help of a wizard
- Step1. Adding local domains (relay_domains)
- Step 2. Configuring email routing (transport_map)
- Step 3. Entering address of your Edge Gateway (relayhost)
- Step 4. Adding trusted networks and network hosts (mynetworks)
- Step 5. Completing the integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is enabled)
- Integration through an edge gateway (SMTP verification of recipient email addresses is disabled) with the help of a wizard
- Step 1. Configuring email routing (transport_map)
- Step 2. Entering address of your Edge Gateway (relayhost)
- Step 3. Adding trusted networks and network hosts (mynetworks)
- Step 4. Completing the integration of Kaspersky Secure Mail Gateway through an edge gateway (SMTP verification of recipient email addresses is disabled)
- Monitoring the Kaspersky Secure Mail Gateway
- Using message processing rules
- Domains and configuration of email routing
- DKIM signature for outgoing messages
- Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
- Configuring TLS security for incoming email messages
- Configuring TLS security for outgoing email messages
- Creating a TLS certificate
- Deleting a TLS certificate
- Preparing a self-signed TLS certificate for import
- Preparing to import a TLS certificate signed by a certification authority
- Importing the TLS certificate from file
- Backup
- Kaspersky Secure Mail Gateway message queue
- Enabling and disabling the transmission and reception of messages
- Viewing information about the message queue, KATA Quarantine, and Anti-Spam Quarantine
- Sorting messages in queue
- Filtering and searching messages by queue name
- Filtering and searching messages by message ID in queue
- Filtering and searching messages by mail sender's address
- Filtering and searching messages by message recipient's address
- Filtering and searching messages by time of message arrival in queue
- Forced delivery and deletion of messages from the queue
- Kaspersky Secure Mail Gateway operation reports
- Content of Kaspersky Secure Mail Gateway operation reports
- Viewing Kaspersky Secure Mail Gateway operation reports
- Deleting Kaspersky Secure Mail Gateway operation reports
- Enabling and disabling daily reports
- Configuring the daily report
- Enabling and disabling weekly reports
- Configuring the weekly report
- Enabling and disabling monthly reports
- Configuring the monthly report
- Generating a custom report
- Configuring general settings of Kaspersky Secure Mail Gateway
- Configuring the proxy server connection settings
- Configuring email addresses of the administrator
- Configuring HelpDesk account settings
- Changing the Administrator account password
- Configuring the settings for the event log and audit log
- Configuring program performance settings
- Configuring the appearance of scanned messages
- Configuring the template for messages when removing an attachment
- Exporting program settings
- Importing program settings
- Restarting the program
- Configuring integration with Kaspersky Security Center
- Configuring MTA settings
- Upgrading Kaspersky Secure Mail Gateway via the web interface
- Database update for Kaspersky Secure Mail Gateway
- Kaspersky Secure Mail Gateway Protection
- Participation in Kaspersky Security Network and use of Kaspersky Private Security Network
- Mail Sender Authentication
- Connecting to a DNS to perform message authentication
- Enabling and disabling SPF message authentication
- Enabling and disabling DKIM message authentication
- Enabling and disabling DMARC message authentication
- Enabling and disabling Mail Sender Authentication for a rule
- Configuring detection of TempError and PermError during message authentication
- Configuring additional DMARC authentication settings for a rule
- Configuring additional SPF message authentication settings for a rule
- Configuring additional DKIM message authentication settings for a rule
- Configuring tags added to message subjects after SPF message authentication
- Configuring tags added to message subjects after DKIM message authentication
- Configuring tags added to message subjects after DMARC message authentication
- Configuring actions on messages during DMARC, SPF and DKIM message authentication
- Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages
- Anti-Virus protection
- About Anti-Virus scan statuses
- Enabling and disabling Anti-Virus protection of messages
- Enabling and disabling Anti-Virus scanning for a rule
- Configuring Anti-Virus engine settings
- Setting default values for Anti-Virus engine settings
- Configuring actions on messages during Anti-Virus scanning
- Configuring tags added to message subjects after Anti-Virus scanning
- Configuring Anti-Virus scan restrictions and exclusions
- Anti-Spam protection
- About Anti-Spam message scan status labels
- Enabling and disabling Anti-Spam protection of messages
- Enabling and disabling Anti-Spam scanning of messages for a rule
- Configuring Anti-Spam engine settings
- Setting default values for Anti-Spam engine settings
- Configuring the custom DNSBL list for the Anti-Spam engine
- Configuring the custom SURBL list for the Anti-Spam engine
- Configuring Anti-Spam scan settings for a rule
- Configuring Anti-Spam scan actions on messages
- Configuring tags added to message subjects after spam scanning
- Anti-Spam Quarantine
- Anti-Phishing protection
- About Anti-Phishing message scan status labels
- Enabling and disabling Anti-Phishing protection of messages
- Enabling and disabling Anti-Phishing scanning of messages for a rule
- Configuring Anti-Phishing engine settings
- Setting default values for Anti-Phishing engine settings
- Configuring Anti-Phishing scan actions on messages
- Configuring tags added to message subjects after Anti-Phishing scanning
- Content filtering of messages
- About message content filtering status labels
- Enabling and disabling content filtering of messages
- Setting the maximum archive nesting level for content filtering
- Setting default values for Content Filtering settings
- Enabling and disabling content filtering of messages for a rule
- Configuring settings of message content filtering for a rule
- Configuring actions to take on messages during content filtering
- Configuring tags added to message subjects based on content filtering results
- KATA protection and integration of Kaspersky Secure Mail Gateway with Kaspersky Anti Targeted Attack Platform
- Entering integration settings for Kaspersky Secure Mail Gateway
- Confirming integration on the KATA side
- Checking the connection of Kaspersky Secure Mail Gateway to KATA
- Configuring Kaspersky Secure Mail Gateway to send messages for checking by KATA
- Enabling and disabling KATA protection
- Configuring KATA protection settings
- Setting default values for KATA protection settings
- Enabling and disabling KATA protection for a rule
- Configuring actions on messages based on KATA scan results
- Configuring tags added to message subjects based on KATA scan results
- Black and white lists of addresses
- Integration with an external directory service
- Using the program via the SNMP protocol
- Email notifications for Kaspersky Secure Mail Gateway
- Kaspersky Secure Mail Gateway's disclaimers and warnings
- Kaspersky Secure Mail Gateway event log
- System information for Technical Support
- Kaspersky Secure Mail Gateway audit log
- Viewing the audit log and events in the audit log
- Sorting events in the audit log
- Filtering and searching events by date and time
- Filtering and searching events by event type
- Filtering and searching events by subject identifier
- Filtering and searching events by event result
- Filtering and searching events by event description
- Configuring the date and time in Kaspersky Secure Mail Gateway
- Publishing program events to a SIEM system
- Extracting settings from Kaspersky Secure Mail Gateway to an XML file
- Enabling export of events in CEF format
- Content and properties of syslog messages in CEF format
- Values of fields in the body of CEF messages for classes of Settings group events
- Values of fields in the body of CEF messages for classes of Tasks group events
- Values of fields in the body of CEF messages for classes of Import / Export Settings group events
- Values of fields in the body of CEF messages for classes of Backup group events
- Values of fields in the body of CEF messages for classes of Report group events
- Values of fields in the body of CEF messages for classes of License group events
- Values of fields in the body of CEF messages for classes of Rules group events
- Values of fields in the body of CEF messages for classes of Auth group events
- Values of fields in the body of CEF messages for classes of Quarantine group events
- Values of fields in the body of CEF messages for classes of Update group events
- Values of fields in the body of CEF messages for classes of ScanLogic group events
- Values of fields in the body of CEF messages for classes of Appliance group events
- Disabling export of events in CEF format
- Applying new values to settings of Kaspersky Secure Mail Gateway
- Contacting the Technical Support Service
- Glossary
- Advanced persistent threat (APT)
- Anti-Phishing
- Anti-Spam
- Anti-Virus
- Backup
- Content filtering
- Directory service
- DKIM Mail Sender Authentication
- DMARC Mail Sender Authentication
- DNSBL
- Email notification
- Heuristic analysis
- Kaspersky Anti Targeted Attack Platform
- Kaspersky Private Security Network
- Kaspersky Security Network (KSN)
- Key file
- LDAP
- Malicious links
- Phishing
- Reputation filtering
- SNMP agent
- SNMP trap
- Spam
- SPF Mail Sender Authentication
- SURBL
- Targeted attack
- Virtual machine
- Zero-day attack
- Zero-day vulnerability
- AO Kaspersky Lab
- Information about third-party code
- Trademark notices
Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway > Preparing a self-signed TLS certificate for import
Preparing a self-signed TLS certificate for import
Preparing a self-signed TLS certificate for import
A self-signed TLS certificate intended to be imported into Kaspersky Secure Mail Gateway must meet the following requirements:
- The certificate file must have a unique name in the list of certificates used in Kaspersky Secure Mail Gateway.
- The certificate file and the private key file must be in PEM format.
- The key length must be 1024 bits or longer.
By way of an example, below are instructions on how to prepare for import the self-signed TLS server certificate server_cert.pem, whose private key is contained in the key.pem file.
To prepare a self-signed TLS certificate for import into Kaspersky Secure Mail Gateway:
- In the private key file, remove the password (if any) for accessing the certificate. To do that, enter at the command line:
# openssl rsa -in <name of the private key file>.pem -out <name of the private key file with the password removed>.pemFor example, you can execute the following command:
# openssl rsa -in key.pem -out key-nopass.pem - Combine the private key and the server certificate in a single file. To do that, enter at the command line:
% cat <name of the private key file with the password removed>.pem <name of the server certificate>.pem <name of the server certificate after the files were combined>.pemFor example, you can execute the following command:
% cat key-nopass.pem server_cert.pem > cert.pem
The self-signed TLS certificate (for example, cert.pem) is ready for import into Kaspersky Secure Mail Gateway.
Article ID: 95413, Last review: Apr 13, 2023