About the Kaspersky Secure Mail Gateway

Kaspersky Secure Mail Gateway > About the Kaspersky Secure Mail Gateway

About the Kaspersky Secure Mail Gateway

Kaspersky Secure Mail Gateway lets you deploy a virtual mail gateway and integrate it into the existing corporate mail infrastructure. An operating system, mail server, and Kaspersky anti-virus program are preinstalled on the virtual mail gateway.

Kaspersky Secure Mail Gateway protects incoming and outgoing email against malware and spam, performs content filtering of messages, and, when integrated with Kaspersky Anti Targeted Attack Platform (hereinafter also referred to as "KATA"), protects email against targeted attacks intrusions on the corporate IT infrastructure.

Kaspersky Secure Mail Gateway:

Scans incoming and outgoing email messages for
spam
Attack that targets a specific person or organization. Unlike mass attacks by computer viruses designed to infect as many computers as possible, targeted attacks can be aimed at infecting the network of a specific organization or even a specific server within the corporate IT infrastructure. A dedicated Trojan program may be written to stage each targeted attack.

,
phishing
A type of Internet fraud aimed at obtaining unauthorized access to users' confidential data.

and malware, and, when integrated with KATA, scans messages for signs of
targeted attacks
Unsolicited mass mailing of emails, most often including advertisements

into the corporate IT infrastructure.
To ensure a faster response to new threats, Kaspersky Secure Mail Gateway protection components can use information from
Kaspersky Security Network
An infrastructure of cloud services that provides access to the Kaspersky online Knowledge Base, which contains information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures that Kaspersky applications respond faster to threats, improves the performance of some protection components, and reduces the likelihood of false alarms.

.
Integration with
Kaspersky Private Security Network
A solution that allows users of Kaspersky anti-virus software to access Kaspersky Security Network data without sending their own information to Kaspersky Security Network servers.

(hereinafter also referred to as KPSN) for organizations where Internet access is restricted by internal rules and policies.
After integration with KPSN, Kaspersky Secure Mail Gateway can use the KSN reputation databases which will be used for scanning within the infrastructure of the organization.

If you want to purchase Kaspersky Private Security Network, you can contact Kaspersky's partner specialists in your region.
Integrates with
Kaspersky Anti Targeted Attack Platform
Solution designed for protection of a corporate IT infrastructure and timely detection of threats such as zero-day attacks, targeted attacks, and complex targeted attacks known as advanced persistent threats (hereinafter also referred to as APT).

for detection of threats such as
zero-day attacks
An attack targeting the corporate IT infrastructure by exploiting zero-day vulnerabilities in software. These are software vulnerabilities that hackers find and exploit before the software vendor has a chance to release a patch.

, targeted attacks, and complex targeted attacks known as
advanced persistent threats
A sophisticated targeted attack against the corporate IT infrastructure that simultaneously uses different methods to infiltrate the network, hide on the network, and gain unobstructed access to confidential data.

(hereinafter also referred to as "APT").
After integration with KATA, Kaspersky Secure Mail Gateway can send copies of messages to KATA for scanning. Based on the results of a KATA scan, Kaspersky Secure Mail Gateway can block individual messages.

To purchase the Kaspersky Anti-Virus Targeted Attack Platform program, you can contact Kaspersky's sales team.
Detects and blocks spam, probable spam and mass mailings (including marketing mail-outs), deletes messages, and places copies of messages in Backup.
Detects messages containing Unicode spoofing. If Unicode spoofing is detected, the message is considered to be spam. The program adds the unicode_spoof tag to the X-KSMG-AntiSpam-Method message header.
Adds the X-MS-Exchange-Organization-SCL X-headers to messages, based on the scan results. This tag contains the SCL rating.
Detects, blocks, and disinfects infected email messages and infected attachments, deletes messages and attachments, and places copies of messages in Backup.
Detects and blocks messages whose attachments contain macros (for example, Microsoft Office files with macros), deletes messages or attachments, and places copies of messages in Backup.
Detects and blocks messages containing encrypted objects, deletes messages or attachments, and places copies of messages in Backup.
Detects and blocks messages containing archives, recognizes the types of files within archives (for example, files in the ZIP, RAR, TGZ, 7z, and QZIP formats), and blocks individual files within archives.
Detects and blocks phishing or links to malicious websites, deletes messages, and places copies of messages in Backup.
Performs content filtering of messages based on the name, type and size of attachments (Kaspersky Secure Mail Gateway can determine the actual format and type of attachment regardless of its extension), deletes messages containing attachments in a specific format or with a specific name, or messages larger than the permissible size, and places copies of messages in Backup.
Detects and blocks messages containing signs of targeted attacks and intrusions into the corporate IT infrastructure (when integrated with KATA), deletes messages, and places copies of messages in Backup.
Saves backup copies of messages in Backup based on the results of their processing by the
Anti-Virus
A Kaspersky Secure Mail Gateway component designed to detect viruses in email messages and email attachments.

,
Anti-Spam
A component of Kaspersky Secure Mail Gateway designed to detect messages categorized as spam.

and
Anti-Phishing
A component of Kaspersky Secure Mail Gateway designed to detect messages categorized as phishing.

modules, and based on the results of
content filtering
Filtering email messages based on message size, attachment file name mask, and attachment format. Based on the results of content filtering, you can restrict the forwarding of messages by the mail server.

and KATA scans of messages.
Saves messages from Backup to file and forwards messages to recipients.
Places messages into Anti-Spam Quarantine and KATA Quarantine, and manages the Anti-Spam Quarantine and KATA Quarantine in the web interface.
Processes mail in accordance with the rules defined for groups of senders and recipients.
Lets you use email filtering rules to specify users and user groups from Microsoft Active Directory and generic LDAP to enable message routing for specific email accounts and user groups.
Notifies the sender, recipients, and administrator about the detection of messages containing objects that are infected, password-protected, or cannot be scanned.
Sends notifications to users regarding the results from their messages being scanned by program modules. Notifications may contain a list of the latest messages in Backup. You can configure the schedule for sending notifications.
Updates program databases from Kaspersky update servers or custom resources (HTTP and FTP servers) according to schedule or on demand.
Receives program operation statistics via the SNMP protocol, and enables or disables forwarding of SNMP traps.
Lets you configure the settings and manage the program via a web interface.
Sends and receives messages via a secure TLS/SSL link.
Lets you verify the authenticity of senders using
SPF
Comparison of IP addresses of mail senders with the list of possible message sources that has been created by the mail server administrator.

,
DKIM
Verification of the digital signature added to messages.

, and
DMARC
Verification that determines the policy and actions taken on messages based on the results of SPF and DKIM Mail Sender Authentication.

technologies.
Lets you sign outgoing email messages with DKIM signatures.
Lets you add email disclaimers to outgoing and incoming messages.
Adds insecure attachment warnings to incoming messages.
Retrieves user information from various domains and grants users access to a personal Backup.
Lets you add, edit or delete information about domains (including local domains) and email addresses, configure Kaspersky Secure Mail Gateway settings for these domains and email addresses and configure email routing.
Lets you configure TLS security modes for situations when Kaspersky Secure Mail Gateway receives messages from another server (acts in the Server role) or sends messages to another server (acts in the Client role), as well as configure TLS settings for individual domains.
Lets you monitor the status of email traffic and usage of system resources and view lists of the latest detected threats in the web interface of the program.
Lets you monitor the performance of the program via Kaspersky Security Center (10 SP2 and 10 SP3 versions).
Lets you view the program event Log and download it to the hard drive.
Lets you upgrade the system via the web interface of Kaspersky Secure Mail Gateway.
Lets you quickly configure the MTA using the Quick MTA Setup Wizard.
Lets you add, change and delete TLS and DKIM encryption keys.
Lets you generate and view reports on the email message processing rules.
Lets you view the audit log in the program web interface.
Lets you generate an archive containing information about Kaspersky Secure Mail Gateway operation for the purpose of sending it to Kaspersky Technical Support.
Publishes program events to a SIEM system that is already in use in your organization over the Syslog protocol. Information about each program event is relayed as a separate syslog message in CEF format.

Kaspersky Secure Mail Gateway is distributed via OVA virtual machine template (Open Virtual Appliance) or ISO-image intended for deployment on a Microsoft Hyper-V hypervisor.

Deployment of the image creates a virtual machine with a pre-installed CentOS 6.10 operating system, a mail server, and Kaspersky Security for Linux Mail Server program (hereinafter also referred to as "Kaspersky Security"). After deploying the virtual machine, you can configure it using the Initial Configuration Wizard.