The program operates with the use of data whose transmission and processing requires the consent of the Kaspersky Secure Mail Gateway administrator.
You can view the list of data and the terms on which it is used as well as give consent to data processing in the following agreements between your organization and Kaspersky:
Kaspersky protects any information received in this way as prescribed by law and applicable rules of Kaspersky. Data is transmitted over encrypted data links.
RAM of Kaspersky Secure Mail Gateway may contain any processed data of program users. The administrator of Kaspersky Secure Mail Gateway must personally ensure the security of such data.
By default, access to personal information of users can only be gained by the superuser (root) account of operating systems, the administrator account of Kaspersky Secure Mail Gateway Local administrator, as well as system accounts kluser, postfix, opendkim, and nginx, which components of the program use in the course of their operation. The program itself has no capability to restrict the permissions of administrators and other users of operating systems on which the program is installed. Access to the storage location of the data is restricted by the file system. The administrator should take steps to control access to personal information of other users by any system level measures at the administrator's own discretion.
Data is sent between cluster nodes through an encrypted channel (over HTTPS with user authorization using a security certificate). Data is sent to the web interface through an encrypted channel over HTTPS. Web interface users must complete the authentication procedure, and the Local administrator is authorized with a password.
Email delivery supports SMTPS encryption.
Managing the program using the management console of the server on which the program is installed using the superuser account lets you manage dump settings. A dump is generated whenever the program crashes and can be useful for analyzing the causes of the crash. The dump may include any data, including fragments of analyzed files. By default, dump generation in Kaspersky Secure Mail Gateway is disabled.
Access to such data can be gained from the Management Console of the server on which the program is installed, using an account with super-user privileges.
When sending diagnostic information to Kaspersky Technical Support, the Kaspersky Secure Mail Gateway administrator must take steps to ensure the security of dumps and trace files.
The administrator of Kaspersky Secure Mail Gateway is responsible for access to this information.
The following table contains the complete list of user data that can be stored by Kaspersky Secure Mail Gateway.
|
|
|
|
|
Data type
|
Where data is used
|
Storage location
|
Storage duration
|
Access
|
Basic functionality of the program
|
- Account names of program administrator and users.
- Access permissions of user accounts of the program.
- Hash of the Local administrator password.
- User account name and password that the program uses to connect to the proxy server.
- Keytab files for connecting to the LDAP server.
- Names of user accounts in LDAP and other LDAP attributes.
- Comments.
|
Program configuration
|
/var/opt/kaspersky
|
Indefinite.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view program settings.
|
- Names of user accounts in LDAP and other LDAP attributes.
- Email addresses of message senders and recipients.
- IP addresses of users and mail servers.
- Comments.
|
Message processing rules
|
/var/opt/kaspersky
|
Indefinite.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view message processing rules.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
Information about LDAP attributes of users:
- Names of user accounts in LDAP and other LDAP attributes.
|
Runtime statistics
|
/var/opt/kaspersky
|
Indefinite.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view reports and the Monitoring section.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Names of email attachments.
- Message subject.
Information about LDAP attributes of users:
- Names of user accounts in LDAP and other LDAP attributes.
|
Message processing event log
|
/var/opt/kaspersky
|
In accordance with settings specified by the user of the program.
By default, the storage duration is 3 days and the maximum size of the log is 1 GB.
When this limit is reached, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view the message processing event log.
|
/var/log/ksmg-messages
|
Indefinite.
When the size reaches 23 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information and can also have access to data when receiving diagnostic information and logging events.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
/var/log/ksmg-important
|
Indefinite.
When the size reaches 500 MB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information and can also have access to data when receiving diagnostic information and logging events.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
- The name of the user account that initiated the event.
- IP addresses used for downloading updates.
- IP addresses of update sources.
|
System event log
|
/var/opt/kaspersky
|
In accordance with settings specified by the user of the program.
By default, 100,000 entries are stored.
When this limit is reached, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view the system event log.
|
/var/log/ksmg-messages
|
Indefinite.
When the size reaches 23 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information and can also have access to data when receiving diagnostic information and logging events.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
/var/log/ksmg-important
|
Indefinite.
When the size reaches 500 MB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information and can also have access to data when receiving diagnostic information and logging events.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
Data on program updates:
- IP addresses used for downloading updates.
- IP addresses of update sources.
- Information about downloaded files and download speed.
Information about user accounts:
- Names of administrator accounts and program web interface user accounts.
- Names of user accounts in LDAP and other LDAP attributes.
|
Trace files
|
/var/log/kaspersky
|
Indefinite.
When the size reaches 150 MB per trace stream, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information and can also have access to data when receiving diagnostic information and logging events.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
/var/log/kaspersky/extra
|
Indefinite.
When the size reaches 400 MB per trace stream, older records are deleted.
|
/var/log/ksmg-traces
|
Indefinite.
When the size reaches 23 GB per trace stream, older records are deleted.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
|
Backup
|
/var/opt/kaspersky
|
Indefinite.
When the size reaches 7 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- The postfix and opendkim services have access to messages while they are being fetched from Backup.
- Users of the program web interface that have permissions to view Backup.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
|
Anti-Spam Quarantine
|
/var/opt/kaspersky
|
Indefinite.
When the size reaches 1 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view Anti-Spam Quarantine.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
- URLs contained in the message.
|
KATA Quarantine.
|
/var/opt/kaspersky
|
Indefinite.
When the size reaches 1 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view KATA Quarantine.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
|
Temporary files
|
- /tmp/ksmgtmp
- /tmp/klms_filter
|
Until program restart.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The postfix and opendkim services have access to processed messages while they are being delivered.
|
Integration with Active Directory
|
- Email address of the user.
- User DN record.
- CN of the user.
- sAMAccountName.
- UPN suffix.
- objectSID.
|
- Message processing rules.
- Authentication using the single sign-on technology.
- Autocompletion of user accounts when managing user roles and permissions, or when configuring message processing rules.
|
/var/opt/kaspersky/ksmg/ldap/cache.dbm
|
Indefinite.
The data is regularly updated.
When integration with Active Directory is disabled, the data is deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions for autocompletion of user accounts.
|
Integration with Kaspersky Anti Targeted Attack Platform (KATA)
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
- Names and bodies of email attachments.
- URLs contained in the message.
|
Forwarding of objects to be scanned on the KATA server
|
Data is not saved.
|
Data is not saved.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
|
Built-in mail server functionality
|
- Certificates for establishing TLS connections.
- Certificate private key files.
- Private keys for DKIM signatures.
- Email addresses of users.
- IP addresses and domain names of mail servers.
|
Built-in mail server settings
|
/etc/postfix/
/var/opt/kaspersky/
|
Indefinite.
Data is deleted when the corresponding settings are removed in the program web interface.
Certificate files can be overwritten when a certificate is replaced.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- The postfix and opendkim services have access to the storage location of the information and the data when it is being processed.
- Users of the program web interface that have permissions to view settings of the built-in mail server have access to data except private keys.
|
Information from email messages:
- IP addresses of users and mail servers.
- Email addresses of message senders and recipients.
- Domain names of mail servers.
- TLS encryption information.
|
Event log of the built-in mail server
|
/var/log/maillog
|
Indefinite.
When the size reaches 23 GB, older records are deleted.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data when receiving diagnostic information.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- The postfix and opendkim services have access to the data when logging events.
- Users of the program web interface that have permissions to receive diagnostic information.
|
Information from email messages:
- Email addresses of message senders and recipients.
- Message subject.
- Message body.
- Message control headers.
|
Message queues of the built-in mail server
|
/var/spool/postfix
|
Indefinite.
Messages are deleted when they are delivered to recipients.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while managing message queues of the built-in mail server.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- The postfix service has access data when data is being processed.
- Users of the program web interface that have permissions to view message queues.
|
Connecting over SSH:
- IP address of the user.
- Name of the user account.
- SSH key fingerprint.
Connecting over the web interface:
- IP address of the user.
- Name of the user account.
|
Authorization event log
|
/var/log/secure
|
Not longer than 5 weeks.
A weekly file rotation is maintained.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data while it is being processed.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to receive diagnostic information.
|
SSH public keys of program administrators.
|
Built-in SSH server settings
|
/etc/ssh/authorized_keys
|
Indefinite.
Data is deleted when the corresponding settings are removed in the program web interface.
|
- The root user has access to the storage location of the information.
- The kluser user has access to the storage location of the information as well as the data when managing the built-in SSH server settings.
- The nginx service has access to the data while it is transmitted between nodes or to the web interface.
- Users of the program web interface that have permissions to view the settings of the built-in SSH server.
|
Data is sent to KSN servers in an encrypted form. By default, data can be accessed by Kaspersky staff, the superuser (root) account of operating systems, and the kluser system account, which components of the program use in the course of their operation.
For a full enumeration of user data transmitted to the KSN service, see the following table.
When the application databases are updated from Kaspersky servers, the following information is transmitted: