- Kaspersky Secure Mail Gateway
- The Kaspersky Secure Mail Gateway interface
- Application licensing
- About the End User License Agreement
- About the license certificate
- About the key
- About the key file
- About the activation code
- About the subscription
- About data provision
- Modes of Kaspersky Secure Mail Gateway operation under license
- Adding an activation code
- Adding a key file
- Removing a key
- Monitoring license key status
- Configuring warnings about upcoming license key expiration
- Purchasing a license
- Renewing a license
- Updating Kaspersky Secure Mail Gateway
- Application installation and setup
- Deploying a virtual machine in the management console of the VMware ESXi hypervisor
- Deploying a virtual machine in the web interface of VMware vSphere
- Deploying a virtual machine in the management console of the Microsoft Hyper-V Manager hypervisor
- Deploying a virtual machine using Microsoft SCVMM
- Application installation and setup
- Removing the application
- Preparing for removing the application
- Deleting a virtual machine in the management console of the VMware ESXi hypervisor
- Deleting a virtual machine in the web interface of VMware vSphere
- Deleting a virtual machine in the management console of the Microsoft Hyper-V hypervisor
- Deleting a virtual machine using Microsoft SCVMM
- Getting started with the application
- Integrating Kaspersky Secure Mail Gateway into the existing corporate email infrastructure
- Monitoring of application operation
- Using message processing rules
- Viewing the rule table
- Configuring rule table display
- Message processing rule configuration scenario
- Creating message processing rules
- Configuring Anti-Virus protection
- Configuring link scanning
- Configuring Anti-Spam protection
- Configuring Anti-Phishing protection
- Configuring Content Filtering
- Mail Sender Authentication
- Notification settings for message scan events
- Adding a Warning about insecure message
- Adding email disclaimers
- Configuring KATA protection
- Examples of message processing rule configuration
- Viewing rule information
- Enabling and disabling a message processing rule
- Changing rule settings
- Deleting message processing rules
- Allowlists and denylists
- Managing the cluster
- Creating a new cluster
- Viewing the cluster node table
- Configuring the display of the cluster node table
- Viewing information about a cluster node
- Adding a node to the cluster
- Modifying node settings
- Removing a node from a cluster
- Changing the role of a node in a cluster
- Deleting the cluster
- Restarting a cluster node
- Managing the SSL certificate of the cluster node
- Checking data integrity
- Modifying the network settings of a cluster node
- Managing roles and user accounts
- Backup
- Configuring Backup settings
- Configuring personal Backup
- Viewing the table of objects in Backup
- Configuring the display of the table of objects in Backup
- Filtering and finding messages in Backup
- Viewing information about a message in Backup
- Delivering a message from Backup
- Downloading a message from Backup
- Deleting a message from Backup
- Backup digest
- Event log
- Viewing the event log
- Configuring event table display
- Filtering email traffic processing events
- Filtering application events
- Viewing information about email traffic processing events
- Viewing information about an application event
- Application event types
- Exporting the event log
- Configuring the event log
- Message queue
- Reports
- General protection settings
- About computer protection against certain legitimate applications
- Configuring the Anti-Virus module
- Configuring link scanning
- Configuring the Anti-Spam module
- Configuring the Anti-Phishing module
- Configuring Content Filtering
- Configuring external services
- Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages
- Configuring date and time
- Configuring the proxy server connection settings
- Updating Kaspersky Secure Mail Gateway
- Database update for Kaspersky Secure Mail Gateway
- Exporting and importing settings
- Participating in Kaspersky Security Network and using Kaspersky Private Security Network
- Integration with an external directory service
- KATA protection
- Integration with a single KATA server
- Integration with multiple servers of the KATA cluster
- Creating a configuration file for the built-in balancer
- Configuring and running the built-in balancer on a cluster node
- Adding a KATA server
- Configuring KATA protection settings
- KATA integration dashboard
- Adding, modifying, and deleting IP addresses of KATA servers
- Disabling KATA integration
- Managing the application over SNMP
- Configuring the snmpd service in the operating system
- Enabling and disabling the use of the SNMP protocol in Kaspersky Secure Mail Gateway
- Configuring SNMP server connection settings
- Enabling and disabling forwarding of SNMP traps
- Configuring encryption of SNMP connections
- Description of MIB objects of Kaspersky Secure Mail Gateway
- Exporting MIB objects
- Email notifications for Kaspersky Secure Mail Gateway
- Configuring notifications about application events
- Configuring notifications about bounce messages
- Configuring notifications about message processing rules triggering
- Configuring notification templates
- Using macros in notification templates
- Adding a unique message ID to the notification
- Configuring the address for messages sent by the application
- Authentication using the single sign-on technology
- Connecting to cluster nodes over the SSH protocol
- Editing MTA settings
- DKIM signature for outgoing messages
- Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
- Domains and configuration of email routing
- Publishing application events to a SIEM system
- Contacting Technical Support
- Glossary
- Advanced persistent threat (APT)
- Anti-Phishing
- Anti-Spam
- Anti-Spam Quarantine
- Anti-Virus
- Backup
- Backup digest
- BEC attack
- Certificate fingerprint
- Cluster
- Content Filtering
- Control node
- Directory service
- DKIM Mail Sender Authentication
- DMARC Mail Sender Authentication
- Email notification
- Heuristic analysis
- Kaspersky Anti Targeted Attack Platform
- Kaspersky Private Security Network
- Kaspersky Security Network (KSN)
- Kerberos authentication
- Key file
- Keytab file
- LDAP
- Malicious links
- Moebius service
- MTA
- NTLM authentication
- Phishing
- PTR record
- Reputation filtering
- SCL rating
- Secondary node
- Service Principal Name (SPN)
- SIEM system
- SMTP verification
- SNMP agent
- SNMP trap
- Spam
- SPF Mail Sender Authentication
- Spoofing
- TLS encryption
- Update source
- Virtual machine
- Information about third-party code
- Trademark notices
KATA protection > Creating a configuration file for the built-in balancer
Creating a configuration file for the built-in balancer
Creating a configuration file for the built-in balancer
Only applicable when integrating with multiple servers of КАТА 5.0 or a later version.
To create a configuration file for the built-in balancer:
- Create a text file in the Unix format (LF for newline) and name it haproxy.cfg.
- Add the following lines to the file:
globallog 127.0.0.1 local6chroot /var/lib/haproxypidfile /var/run/haproxy.pidstats socket /var/lib/haproxy/stats user root group adm mode 660 level usermaxconn 1000user haproxygroup haproxydaemondefaultsmode tcplog globalretries 3timeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout check 10smaxconn 1000frontend kata_balancerbind 127.0.0.1:8000default_backend kata_servers - Choose the appropriate method of specifying KATA server addresses and add the corresponding line to the file.
- If you want to specify IP addresses of all KATA servers in the configuration file, add the following lines to the file:
backend kata_serversbalance roundrobindefault-server checkserver kata_node1 <IP-address1:port1>server kata_node2 <IP-address2:port2>server kata_node3 <IP-address3:port3>server kata_node4 <IP-address4:port4> - If you want to obtain an up-to-date list of addresses using a domain name (DNS record), add the following lines to the file:
resolvers dns_serversparse-resolv-confaccepted_payload_size 8192timeout resolve 10stimeout retry 10shold valid 60sbackend kata_serversbalance roundrobindefault-server check resolvers dns_servers init-addr noneserver-template kata_node 8 <domain_name>:<port>To obtain the list of addresses using a domain name, on the DNS server, create a domain name (for example, kata.example.com) with multiple A records indicating the IP addresses of KATA servers.
- If you want to specify IP addresses of all KATA servers in the configuration file, add the following lines to the file:
- Save the configuration file.
The configuration file for the built-in balancer is created.
Article ID: 243036, Last review: Feb 7, 2025