- About the Kaspersky Secure Mail Gateway
- Application licensing
- About the End User License Agreement
- About the license
- About the license certificate
- About the key
- About the key file
- About the activation code
- About the subscription
- About data provision
- KSMG modes based on the license
- Adding an activation code
- Adding a key file
- Removing a key
- Monitoring license key status
- Configuring warnings about upcoming license key expiration
- Purchasing a license
- Renewing a license
- Scaling KSMG
- Application installation and setup
- Creating a virtual machine
- Starting the Setup Wizard
- Step 1. Selecting the language to display the End User License Agreement and the Privacy Policy in
- Step 2. Reviewing the License Agreement
- Step 3. Viewing the Privacy Policy
- Step 4. Transferring data to the hard drive
- Step 5. Configuring the domain name of the virtual machine
- Step 6. Beginning the configuration of network adapters
- Step 7. Configuring the receipt of network settings via DHCP
- Step 8. Configuring static network settings
- Step 9. Completing the configuration of network adapters
- Step 10. Editing the network settings of a cluster node
- Step 11. Setting the administrator password
- Step 12. Finishing the Setup Wizard
- Removing the application
- KSMG interface
- Getting started with the application
- Integration of KSMG into the corporate mail infrastructure
- Monitoring of application operation
- General protection settings
- About computer protection against certain legitimate applications
- Configuring the Anti-Virus module
- Configuring link scanning
- Configuring the Anti-Spam module
- Configuring the Anti-Phishing module
- Configuring Content Filtering
- Configuring external services
- Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages
- Configuring the addition of X-headers to messages
- Using message processing rules
- Viewing the rule table
- Configuring rule table display
- Message processing rule configuration scenario
- Creating message processing rules
- Configuring Anti-Virus protection
- Configuring link scanning
- Configuring Anti-Spam protection
- Configuring Anti-Phishing protection
- Configuring Content Filtering
- Enabling or disabling Content Filtering in rule settings
- Configuring Content Filtering
- Creating a Content Filtering expression
- Creating a Content Filtering condition
- Enabling, disabling, or deleting expressions
- Enabling, disabling, or deleting conditions
- Configuring the final action to take on a message
- Mail Sender Authentication
- Notification settings for message scan events
- Adding a Warning about insecure message
- Adding email disclaimers
- Configuring KATA protection
- Examples of message processing rule configuration
- Dictionaries
- Viewing rule information
- Enabling and disabling a message processing rule
- Changing rule settings
- Deleting message processing rules
- Allowlists and denylists
- Managing the cluster
- Creating a new cluster
- Viewing the cluster node table
- Configuring the display of the cluster node table
- Viewing information about a cluster node
- Adding a node to the cluster
- Modifying node settings
- Removing a node from a cluster
- Changing the role of a node in a cluster
- Deleting the cluster
- Restarting a cluster node
- Managing the SSL certificate of the cluster node
- Checking data integrity
- Modifying the network settings of a cluster node
- Managing user accounts and roles
- Backup
- Configuring Backup settings
- Configuring personal Backup
- Viewing the table of objects in Backup
- Configuring the display of the table of objects in Backup
- Filtering and finding messages in Backup
- Viewing information about a message in Backup
- Viewing a message in Backup
- Viewing a message in personal Backup
- Viewing the sending history of a message in Backup
- Sending messages from Backup
- Sending messages from personal Backup
- Deleting a message from Backup
- Sending or deleting a group of messages in Backup
- Downloading a message from Backup
- Backup digest
- Event log
- Viewing the event log
- Configuring event table display
- Filtering email traffic processing events
- Filtering application events
- Viewing information about email traffic processing events
- Viewing information about an application event
- Application event types
- Exporting the event log
- Configuring the event log
- Message queue
- Reports
- Configuring date and time
- Configuring the proxy server connection settings
- Updating KSMG
- Upgrading KSMG to version 2.1
- Installing the ksmg_upgrade_2.1.0.7854_openssh_cve_2024_6387
- Updating KSMG databases
- Exporting and importing settings
- Participating in Kaspersky Security Network and using Kaspersky Private Security Network
- Integration with an external directory service
- Creating a keytab file
- Adding a LDAP server connection
- Deleting a LDAP server connection
- Modifying LDAP server connection settings
- Configuring the schedule of synchronization with the Active Directory domain controller
- Manually starting synchronization with the Active Directory domain controller
- Enhancing the security of a LDAP server connection
- KATA protection
- Integration with a single KATA server
- Integration with multiple KATA servers
- Creating a configuration file for the local balancer
- Configuring and running the local balancer on a cluster node
- Adding a KATA server
- Configuring KATA protection settings
- KATA integration dashboard
- Adding, modifying, and deleting IP addresses of KATA servers
- Disabling KATA integration
- Managing the application over SNMP
- Email notifications of the application
- Configuring notifications about application events
- Configuring notifications about bounce messages
- Configuring notifications about message processing rules triggering
- Configuring notification templates
- Using macros in notification templates
- Adding a unique message ID to the notification
- Configuring the address for messages sent by the application
- Authentication using the single sign-on technology
- Connecting to cluster nodes over the SSH protocol
- Configuring MTA settings
- DKIM signature for outgoing messages
- Configuring TLS for KSMG
- Domains and configuration of email routing
- Publishing application events to a SIEM system
- Contacting Technical Support
- Glossary
- Advanced persistent threat (APT)
- Anti-Phishing
- Anti-Spam
- Anti-Spam Quarantine
- Anti-Virus
- Backup
- Backup digest
- BEC attack
- Certificate fingerprint
- Cluster
- Content Filtering
- Content Filtering condition
- Content Filtering dictionary
- Content Filtering expression
- Control node
- Directory service
- DKIM Mail Sender Authentication
- DMARC Mail Sender Authentication
- Email notification
- Heuristic analysis
- Kaspersky Anti Targeted Attack Platform
- Kaspersky Private Security Network
- Kaspersky Security Network (KSN)
- Kerberos authentication
- Key file
- Keytab file
- LDAP
- Malicious links
- Moebius service
- MTA
- NTLM authentication
- Personal user
- Phishing
- Privileged user
- PTR record
- Reputation filtering
- SCL rating
- Secondary node
- Service Principal Name (SPN)
- SIEM system
- SMTP verification
- SNMP agent
- SNMP trap
- Spam
- SPF Mail Sender Authentication
- Spoofing
- TLS encryption
- Update source
- Virtual machine
- Information about third-party code
- Trademark notices
Creating a dictionary
To create a dictionary:
- In the application web interface window, select the Rules section.
- Click Dictionaries.
- In the Dictionaries window, click Create.
This opens the dictionary creation window.
- In the Name field, enter a name for the dictionary. The name must be unique among the names of dictionaries (case-insensitive).
This name is displayed in conditions in which the dictionary is used.
- In the Description field, enter a description of the dictionary. The maximum length is 512 characters.
- In the Dictionary contents list, select one of the following options:
- Strings
This type of dictionary contains a list of text string values, masks, and regular expressions.
- File types
This type of dictionary contains a list of file types.
- Strings
- If at the previous step, you selected the Strings option, under Search strings, specify a list of string values.
You can specify values in the following ways:
- Text
To add some text, click Add, enter your text, then click
or press ENTER. If necessary, repeat this step to add more strings.To paste text from the clipboard, click Import, type or paste text strings separated by semicolons or new lines, then click Import.
If you want to edit a previously text string, click it in the text box, make the necessary changes in edit mode, and click
. If necessary, use search.If you want to remove a string from the list, point to the header in the list and click the
icon. To clear the list, click Delete all.We do not recommend entering a string longer than 1000 characters.
You can copy all text strings in the list. To do so, click Copy all.
If not all items are displayed in the area, you can select the number of items you want to display in the drop-down list in the lower part of the area.
- Wildcard
To add a search mask, click Add, enter your text, then click
or press Enter. If necessary, repeat this step to add more masks.We do not recommend entering a mask longer than 1000 characters.
To paste masks from the clipboard, click Import, type or paste search masks separated by semicolons or new lines, then click Import.
If you want to edit a previously added mask, click the mask in the text box, make the necessary changes in edit mode, and click
. If necessary, use search.If you want to remove a mask from the list, point to the mask in the list and click the
icon. To clear the list, click Delete all.You can copy all masks added to the list. To do so, click Copy all.
If not all items are displayed in the area, you can select the number of items you want to display in the drop-down list in the lower part of the area.
- Regexp
To add a regular expression, click Add, enter your regular expression, then click
or press ENTER.Regular expressions of the PCRE format are supported. The search is performed in multi-line mode.
When searching in the body of the message using a regular expression of the
^test_pattern$form, the condition is triggered for messages whose body consists of only thetest_patternstring (no leading or trailing spaces), as well as for messages whose body contains at least one string consisting only oftest_pattern(no leading or trailing spaces).If the condition must be triggered only for messages whose entire body consists of only the
test_patternstring (without leading or trailing spaces), use the\Atest_pattern\zregular expression.You do not need to prefix the string with "re:".
If necessary, repeat this step to add more regular expressions.
To paste regular expressions from the clipboard, click Import, type or paste regular expressions separated by semicolons or new lines, then click Import.
If you want to edit a previously added regular expression, click the regular expression in the text box, make the necessary changes in edit mode and click
. If necessary, use search.If you want to remove a regular expression from the list, point to the regular expression in the list and click the
icon. To clear the list, click Delete all.We do not recommend entering a regular expression longer than 1000 characters.
You can copy all regular expressions in the list. To do so, click Copy all.
If not all items are displayed in the area, you can select the number of items you want to display in the drop-down list in the lower part of the area.
- Text
- The dictionary uses strings from all filled-in tabs.
- If at the previous step, you selected the File types option, under Search strings on the tab All, select check boxes next to the relevant attachment types.
You can view the list of selected file types on the Selected tab.
- Archives: 7Z (including volumes with 7Z* extensions), ACE, ARJ, BZ, BZ2, TBZ, TBZ2, CAB, DMG, SMI, IMG, GZ, TGZ, ISO, JAR, RAR, TAR, XAR, ZIP
- Databases: ACCDB, ACCDE, ACCDP, ACCDR, ACCDC, MDB, MDT.
- Executable files: APK, SCPT, APPLESCRIPT, BAT, CMD, DEB, DEX, ODEX, ELF, CLASS, JS, O, DYLIB, MSI, PYC, PYO, RPM, SH, PL, VBS, EXE, DLL, OCX, SCR, LNK.
For APPLESCRIPT and SCPT attachment types, Content Filtering detects only compiled files.
- Image files:
- Animated files: SWF
- Bitmap images: BMP, GIF, JPG, JPE, JPEG, JFIF, PNG, APNG, TIF, TIFF
- Vector graphics: CDR, EMF, WMF, EPS, PSD
- Multimedia files:
- Audio files: AAC, M4A, AC3, APE, CDA, FLAC, MID, MIDI, MKA, MP3, OGG, RM, RA, RAVB, WAV, WMA
- Video files: 3GP, 3G2, 3GP2, 3P2, ASF, WMV, AVI, BIK, F4V, FLV, MKV, MOV, QT, DIVX, MP4, RM, RMVB, RTMP, VOB, DAT, MPG, MPEG
- Document files:
- Documents: DOC, DOCM, DOCX, DOT, DOTM, DOTX, ODT, PDF, RTF, SXW, XPS
- Presentations: POTM, POTX, PPSM, PPSX, PPT, POT, PPS, PPTM, PPTX, SLDX, ODP
- Specialized files: PUB, MSG, OFT, ONE, ONEPKG, VDX, VSX, VTX, VSD, VSS, VST, XSN
- Spreadsheets: XLAM, XLS, XLT, XLSB, XLSM, XLSX, XLTM, XLTX, ODS
- Miscellaneous: CAT, HTML, HTM, TXT, CHM, REG
- Other file types. These include unrecognized file types and file types that do not match any of the listed types.
- Click Save.
The dictionary is created.