- Kaspersky Secure Mail Gateway
- The Kaspersky Secure Mail Gateway interface
- Application licensing
- About the End User License Agreement
- About the license certificate
- About the key
- About the key file
- About the activation code
- About the subscription
- About data provision
- Modes of Kaspersky Secure Mail Gateway operation under license
- Adding an activation code
- Adding a key file
- Removing a key
- Monitoring license key status
- Configuring warnings about upcoming license key expiration
- Purchasing a license
- Renewing a license
- Application installation and setup
- Deploying a virtual machine in the management console of the VMware ESXi hypervisor
- Deploying a virtual machine in the web interface of VMware vSphere
- Deploying a virtual machine in the management console of the Microsoft Hyper-V Manager hypervisor
- Deploying a virtual machine using Microsoft SCVMM
- Application installation and setup
- Removing the application
- Preparing for removing the application
- Deleting a virtual machine in the management console of the VMware ESXi hypervisor
- Deleting a virtual machine in the web interface of VMware vSphere
- Deleting a virtual machine in the management console of the Microsoft Hyper-V hypervisor
- Deleting a virtual machine using Microsoft SCVMM
- Getting started with the application
- Monitoring of program operation
- Using message processing rules
- Viewing the rule table
- Configuring rule table display
- Message processing rule configuration scenario
- Creating message processing rules
- Configuring Anti-Virus protection
- Configuring URL Advisor
- Configuring Anti-Spam protection
- Configuring Anti-Phishing protection
- Configuring Content Filtering
- Mail Sender Authentication
- Notification settings for message scan events
- Adding a Warning about insecure message
- Adding email disclaimers
- Configuring KATA protection
- Viewing rule information
- Enabling and disabling a message processing rule
- Changing rule settings
- Deleting message processing rules
- Allowlists and denylists
- Managing the cluster
- Creating a new cluster
- Viewing the cluster node table
- Configuring the display of the cluster node table
- Viewing information about a cluster node
- Adding a node to the cluster
- Modifying node settings
- Removing a node from a cluster
- Changing the role of a node in a cluster
- Deleting the cluster
- Restarting a cluster node
- Managing the SSL certificate of the cluster node
- Checking data integrity
- Modifying the network settings of a cluster node
- Managing roles and user accounts
- Backup
- Configuring Backup settings
- Configuring personal Backup
- Viewing the table of objects in Backup
- Configuring the display of the table of objects in Backup
- Filtering and finding message copies in Backup
- Viewing information about a message in Backup
- Delivering a message from Backup
- Downloading a message from Backup
- Deleting a message copy from Backup
- Event log
- Message queue
- Reports
- General protection settings
- About computer protection against certain legitimate applications
- Configuring the Anti-Virus module
- Configuring URL Advisor
- Configuring the Anti-Spam module
- Configuring the Anti-Phishing module
- Configuring Content Filtering
- Configuring external services
- Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages
- Configuring date and time
- Configuring the proxy server connection settings
- Downloading upgrade packages
- Database update for Kaspersky Secure Mail Gateway
- Exporting and importing settings
- Participating in Kaspersky Security Network and using Kaspersky Private Security Network
- Integration with an external directory service
- KATA protection
- Integration with a single KATA server
- Integration with multiple servers of the KATA cluster
- Creating a configuration file for the built-in balancer
- Configuring and running the built-in balancer on a cluster node
- Adding a KATA server
- Configuring KATA protection settings
- KATA integration dashboard
- Adding, modifying, and deleting IP addresses of KATA servers
- Disabling KATA integration
- Managing the application over SNMP
- Configuring the snmpd service in the operating system
- Enabling and disabling the use of the SNMP protocol in Kaspersky Secure Mail Gateway
- Configuring SNMP server connection settings
- Enabling and disabling forwarding of SNMP traps
- Configuring encryption of SNMP connections
- Description of MIB objects of Kaspersky Secure Mail Gateway
- Exporting MIB objects
- Email notifications for Kaspersky Secure Mail Gateway
- Authentication using the single sign-on technology
- Connecting to cluster nodes over the SSH protocol
- Editing MTA settings
- DKIM signature for outgoing messages
- Using the TLS protocol in the operation of Kaspersky Secure Mail Gateway
- Domains and configuration of email routing
- Publishing application events to a SIEM system
- Contacting Technical Support
- Glossary
- Advanced persistent threat (APT)
- Anti-Phishing
- Anti-Spam
- Anti-Spam Quarantine
- Anti-Virus
- Backup
- BEC attack
- Certificate fingerprint
- Cluster
- Content Filtering
- Control node
- Directory service
- DKIM Mail Sender Authentication
- DMARC Mail Sender Authentication
- Email notification
- Heuristic analysis
- Kaspersky Anti Targeted Attack Platform
- Kaspersky Private Security Network
- Kaspersky Security Network (KSN)
- Kerberos authentication
- Key file
- Keytab file
- LDAP
- Malicious links
- Moebius service
- MTA
- NTLM authentication
- Phishing
- PTR record
- Reputation filtering
- SCL rating
- Secondary node
- Service Principal Name (SPN)
- SIEM system
- SMTP verification
- SNMP agent
- SNMP trap
- Spam
- SPF Mail Sender Authentication
- Spoofing
- TLS encryption
- Update source
- Virtual machine
- Information about third-party code
- Trademark notices
Using message processing rules > Message processing rule configuration scenario > Configuring Content Filtering
Configuring Content Filtering
Configuring Content Filtering
Before configuring Content Filtering in the message processing rule, make sure that Content Filtering is enabled in general protection settings.
To configure Content Filtering in the message processing rule:
- In the application web interface window, select the Rules section.
- In the rule table, select the rule for which you want to configure Content Filtering.
This opens the View rule window.
- Click Edit.
Rule settings become editable.
- In the left pane, select the Content Filtering section.
- Use the toggle switch to the right of the section title to enable or disable content filtering of messages that match rule criteria.
By default, Content Filtering of messages is disabled.
- If at the previous step, you have enabled Content Filtering, configure the following filtering criteria:
- By message size
- If you want to restrict the sending of messages that contain attachments of a certain size, in the If the allowed message size is exceeded group of settings, in the drop-down list, select an action to apply to messages:
- Skip.
- Delete message.
- Reject.
The Reject action is selected by default.
- If you want to automatically place messages containing attached objects of a certain size in Backup based on the scan results, select the Move copy to Backup check box.
This check box is selected by default.
- If you want a tag to be automatically added after the scan to the beginning of the subject of messages that contain attachment objects of a certain size, type the text of the tags in text boxes under the Move copy to Backup check box.
By default, no tag is assigned.
- In the Message size (KB) field, type the maximum size of objects in the range from 0 KB to 1,048,576 KB (1 GB).
If the value is set to 0 KB, no restrictions apply to the size of objects.
- If you want to restrict the sending of messages that contain attachments of a certain size, in the If the allowed message size is exceeded group of settings, in the drop-down list, select an action to apply to messages:
- By attachment format
- If you want to restrict the sending of messages that contain attachments of a particular format, in the If attachment type is detected group of settings, create a list of attachment formats to which the rule must apply. To do so:
- Select a list creation method:
- Attachments that have type from the list below if you want to specify attachment formats that you want to add to the list.
Content Filtering settings will be applied to messages containing attachments that have specified formats.
- Attachments that have type NOT from the list below if you want to specify attachment formats that you want to exclude from the list.
Content Filtering settings will not be applied to messages containing attachments that have specified formats.
- Attachments that have type from the list below if you want to specify attachment formats that you want to add to the list.
- Click Edit to open the File formats window.
- Select check boxes next to attachment formats that you want to add to the list or exclude from the list:
- Archives (e.g., ZIP; RAR; TGZ)
- Databases (e.g., ACCDB; ACCDC; MDB)
- Executable files (e.g., EXE; DLL; OCX)
- Graphic files (e.g., JPG; BMP; WMF)
- Multimedia files (e.g., AVI; WMV; MP3)
- Document files (e.g., DOC; XLS; PDF; PPT)
- Other files (e.g., TXT; CHM; HTM)
- In the lower right corner, click OK.
- Select a list creation method:
- In the In case of detection drop-down list, select the action that will be applied to messages:
- Skip.
- Delete message.
- Delete attachment.
- Reject.
The Reject action is selected by default.
- If you want to automatically place messages containing attachments of the specified formats in Backup based on the scan results, select the Move copy to Backup check box.
This check box is selected by default.
- If you want a tag to be added after the scan to the beginning of the subject of messages that contain attachment objects of a certain format, type the text of the tags in text boxes under the Move copy to Backup check box.
By default, no tag is assigned.
- If you want to restrict the sending of messages that contain attachments of a particular format, in the If attachment type is detected group of settings, create a list of attachment formats to which the rule must apply. To do so:
- By attachment name.
- If you want to restrict the sending of messages that contain attachments with certain names, under Attachment name, in the Names of attachments field, enter the names of such attachments.
You can use masks and regular expressions in an attachment name. Names can contain any characters. Use semicolons ";" to separate the names.
Masks and regular expressions are not case-insensitive.
For example, you can enter the
*.exename mask to restrict transmission of messages that include attachments with the EXE extension.To restrict the sending of messages that contain executable files of widespread formats, you can use the following regular expression:
re:.*\.(scr|cpl|com|bat|cmd|vbs|pif|lnk|url|exe|bvs|spl|dll) - In the In case of detection drop-down list, select the action that you want to apply to messages:
- Skip.
- Delete message.
- Delete attachment.
- Reject.
The Reject action is selected by default.
- If you want to automatically place messages containing attachments with the specified names in Backup based on the scan results, select the Move copy to Backup check box.
This check box is selected by default.
- If you want a tag to be automatically added after the scan to the beginning of the subject of messages that contain attachment objects of a certain format, type the text of the tags in text boxes under the Move copy to Backup check box.
By default, no tag is assigned.
- If you want to restrict the sending of messages that contain attachments with certain names, under Attachment name, in the Names of attachments field, enter the names of such attachments.
- By message size
- If you want to scan for forbidden formats or names of files within compound objects (including archives), select the Scan compound objects check box.
If you enable scanning compound objects, the Scan file formats and names in archive check box is selected automatically because archives are a subset of compound objects.
- If at the previous step, you did not enable scanning compound objects and want to scan for forbidden formats or filenames only in archives, select the Scan file formats and names in archive check box.
- Click Save.
Content Filtering is configured. The specified settings are applied to messages that match the rule criteria.
To ensure the configured settings are applied during the operation of Kaspersky Secure Mail Gateway, make sure to enable Content Filtering for the rule and to enable the configured rule.
Article ID: 203009, Last review: Jan 24, 2025