Support

Support for business applications

Kaspersky Security 8.0 for Linux Mail Server

Manually integrating Kaspersky Security 8 for Linux Mail Server with the Amavis interface and mail servers

Manual Integration with Sendmail server

Integration using the CF file

Kaspersky Security 8.0 for Linux Mail Server
Knowledge Base Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools Product videos

Integration using the CF file

August 21, 2023

ID 43932

To integrate Kaspersky Security 8 for Linux Mail Server with Sendmail using the CF file:

  1. Create a backup copy of the sendmail.cf file.
  2. Add the following strings to the sendmail.cf file:

    #KLMS-milter-begin-filter

    O InputMailFilters=KLMS_Milter

    O Milter.macros.connect=j, _, {daemon_name}, {if_name}, {if_addr}

    O Milter.macros.helo={tls_version}, {cipher}, \

    {cipher_bits}, {cert_subject}, {cert_issuer}

    O Milter.macros.envfrom=i, {auth_type}, \

    {auth_authen}, {auth_ssf}, {auth_author}, \

    {mail_mailer}, {mail_host}, {mail_addr}

    O Milter.macros.envrcpt={rcpt_mailer}, {rcpt_host}, {rcpt_addr}

    #KLMS-milter-end-filter

    #KLMS-milter-begin-socket

    XKLMS_Milter, S=$filter_socket,${fail_type}T=S:3m;R:5m;E:10m

    #KLMS-milter-end-socket

    where $filter_socket is the IP address and port number or the UNIX socket that the filter uses to listen for incoming connections, written as follows: inet:<port>@<IP address> (for network sockets) or unix:<path to UNIX socket> (for UNIX sockets).

    ${fail_type} defines the action to be taken by the Sendmail server on messages if the filter works incorrectly. ${fail_type} can take the values "F=R", "F=A," or "F=T,". R means reject, A means accept, and T means tempfail. If you replace ${fail_type} with an empty line, the message will be skipped. The recommended option is tempfail.

    Example:

    INPUT_MAIL_FILTER(`KLMS_Milter',`S=inet:10025@127.0.0.1,F=T,T=S:3m;R:5m;E:10m')dnl
  3. Stop the klms service.
  4. Open the file /etc/opt/kaspersky/klms/klms_filters.conf (under Linux) or /usr/local/etc/kaspersky/klms/klms_filters.conf (under FreeBSD).
  5. In the [global] section, specify the path to the sendmail file in the following line:

    sendmail-path=<path to sendmail file>

  6. Specify the IP address and port number or UNIX socket where the filter will listen for incoming connections in the following string of the [milter] section of the /etc/opt/kaspersky/klms/klms_filters.conf file (under Linux) or /usr/local/etc/kaspersky/klms/klms_filters.conf (under FreeBSD):

    socket=inet:<port>@<IP address> or <UNIX socket>

    Example:

    socket=inet:10025@127.0.0.1
  7. Open the file /var/opt/kaspersky/klms/installer.dat (under Linux) or /var/db/kaspersky/klms/installer.dat (under FreeBSD).
  8. Add the following lines to the file:

    SENDMAIL_MILTER=1

    SENDMAIL_USES_MC=1 if you have compiled the MC file, or 0 if not.

    START_MILTER=1

  9. Start the klms service.
  10. Restart the Sendmail server.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.