The Anti-Spam module only scans the first 50 MB of the message. If the message is bigger, the rest of it is not scanned, and the status is assigned based on the first 50 MB.
To configure the Anti-Spam module settings:
In the application web interface window, select the Settings → General → Protection section.
Select the Anti-Spam tab.
Enable or disable the Anti-Spam module with the Use Anti-Spam toggle switch.
By default, the Anti-Spam module is enabled.
If at the previous step you enabled the Anti-Spam module, configure the following:
Enable or disable the Moebius service with the Use Moebius toggle switch.
By default, the Moebius is disabled.
Use the Protection against AD spoofing toggle switch to enable or disable protection against spoofing attacks.
Protection against spoofing attacks is disabled by default.
If you enabled protection against spoofing attacks at the previous step, use the Group LDAP: distinguishedName field to specify the Active Directory group whose users will receive this protection.
You can add only one group. The number of entries in a group containing an email address must not exceed 10000. When this number is exceeded, protection against spoofing attacks will be applied to 10000 users randomly selected from this group.
Use the IP and domain reputation toggle switch to enable or disable use of the Anti-Spam module databases to check the reputation of IP addresses and domains that were the source of messages.
Checking the reputation of IP addresses and domains is enabled by default.
Enable or disable Anti-Spam Quarantine with the Use Anti-Spam Quarantine toggle switch.
If Anti-Spam Quarantine is enabled, email messages that do not have a final Anti-Spam check result are temporarily stored in Anti-Spam Quarantine.
Modifying default Anti-Spam quarantine settings can lower the level of spam detection.
In the Maximum scanning time (s) subsection, specify the maximum duration of Anti-Spam scanning of a message in seconds.
Possible values: integers from 1 to 600. Default value: 30.
If Anti-Spam scanning of a message does not finish within the time limit you specified, Kaspersky Secure Mail Gateway:
Stops scanning the message (Skip action).
Assigns the Error status to the message.
Delivers the message to the recipient.
Adds a record to the /var/log/ksmg-messages event log.
In the Maximum Quarantine duration (s) field, specify the time to store a message in Anti-Spam Quarantine before the message is delivered to the recipient.
Possible values: integers from 1 to 86400. Default value: 3000.
In the Maximum number of messages, specify the number of messages that, once exceeded, prevents messages from being quarantined.
Specify 0 if no limit is required.
Possible values: integers from 0 to 9007199254740993. Default value: 0.
In the Maximum Quarantine size (MB) field, enter the size of Anti-Spam Quarantine that, once exceeded, prevents messages from being quarantined.
Possible values: integers from 0 to 8192. Default value: 1024.