Support

Support for business applications

Kaspersky Security 8.0 for Linux Mail Server

Managing the application through the command line interface using the klms-control utility

Content filtering of messages

Configuring content filtering by attachment name

Kaspersky Security 8.0 for Linux Mail Server
Knowledge Base Online Help
Advice & Solutions FAQ Download Forum Contact support Recovery tools Product videos

Configuring content filtering by attachment name

August 21, 2023

ID 62593

To configure content filtering of messages by attachment name:

  1. Export rule settings to an XML file using the following command:

    # /opt/kaspersky/klms/bin/klms-control \

    --get-rule-settings <rule ID> -f <rule settings file name> or

    --get-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

  2. Open the rule settings XML file for editing.
  3. Enable content filtering of messages. To do so, in the <engineSettings> subsection of the <cfScanSettings> section, specify the value 1 for the <enableScan> setting.
  4. In the <cfScanSettings> section <engineSettings> subsection, in the <bannedFileNames> parameter, specify names of attached files that are banned.

    You can use masks and regular expressions as names of attachments. Names can contain any characters. Separate addresses with semicolons (";").

    Regular expressions and masks are case-insensitive.

    For example, you can enter the *.exe name mask to restrict transmission of messages that contain attachments with the EXE extension.

    If you need to add several file names, each file name must be in a separate <item> section, typed in a new string of the settings file.

    Example:

    <bannedFileNames>

    <item>*.exe</item>

    </bannedFileNames>

    Example of adding common executable files to banned attachments:

    Example:

    <bannedFileNames>

    <item>re:.*\.(scr|cpl|com|bat|cmd|vbs|pif|lnk|url|exe|bvs|spl|dll)$</item>

    <item>re:^[^\t\n]*\.[A-Za-z0-9]+\.(exe|vbs|cpl|dll)[. ]*$</item>

    </bannedFileNames>
  5. Specify the action you want the application to take on messages with attachments that have forbidden names. To do so, in the <cfScanSettings> section, specify the value Skip, DeleteMessage, DeleteAttachment or Reject for the <bannedFileNameAction> setting.

    The default action is Reject.

  6. If necessary, you can configure the application to move copies of messages with attachments that have forbidden names to Backup. To do so, in the <cfScanSettings> section, specify the value 1 for the <backupBannedFileName> setting.
  7. Save the changes made.
  8. To import rule settings from an XML file, use the following command:

    # /opt/kaspersky/klms/bin/klms-control \

    --set-rule-settings <rule ID> -f <rule settings file name> or

    --set-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.