Create a processing rule for outgoing messages sent by users of a particular Active Directory group.
Select the Use the settings of scan modules mode.
In the list of senders, specify the Active Directory user group that must be able to send messages to external email addresses.
In the list of recipients, enter *.
Create a message processing rule for messages that domain users send to each other.
If such email traffic does not pass through Kaspersky Secure Mail Gateway, skip this step.
Select the Use the settings of scan modules mode.
In the list of senders, specify all local domains.
In the list of recipients, specify all local domains.
Create a rule that will reject outgoing messages being sent from all internal email domains of hte company to any email address.
Depending on your organization's policy, set the Reject without scanning or Delete without notifying the sender mode.
In the list of senders, specify all email domains of your organization.
In the list of recipients, enter *.
The preset rule is used for processing of incoming messages.
As a result, message processing rules are configured that allow external messages to be sent by users in a specific Active Directory group and prohibit the same to all other users.