Configuring the Anti-Phishing scan settings for a rule
Configuring the Anti-Phishing scan settings for a rule
August 21, 2023
ID 73184
To configure the Anti-Phishing scan message processing settings:
- Export rule settings to an ХML file using the following command:
# /opt/kaspersky/klms/bin/klms-control \--get-rule-settings <rule ID> -f <rule settings file name>or--get-rule-settings <rule name> -n -f <rule settings file name>The
<rule name>should be enclosed in double quotes if it contains blanks. - Open the rule settings ХML file for editing.
- Specify the action you want the application to take on messages. To do so, in the
<apScanSettings>section specify the valueSkip, DeleteMessageorRejectfor the<phishingAction>setting if the message has status as Phishing or Malicious link.The default action is
Skip. - If you selected the
DeleteMessageaction at the previous step of the procedure, you can configure the application to move a copy of the message found to contain a phishing threat to Backup before deleting the message. To do so, in the<apScanSettings>section, specify the value1for the <backupPhishing> setting. - If you selected
Skipat Step 3 of the sequence, you can edit the text of the tag added to the Subject field of the message. To do so, in the<apScanSettings>section, specify the text of the stamp as the value for the following settings:<phishingMark>, if the message has Phishing status;<maliciousMark>, if the message has Malicious link status.
- Save the changes made.
- To import rule settings from an ХML file, use the following command:
# /opt/kaspersky/klms/bin/klms-control \--set-rule-settings <rule ID> -f <rule settings file name>or--set-rule-settings <rule name> -n -f <rule settings file name>The
<rule name>should be enclosed in double quotes if it contains blanks.
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.
