About the Kaspersky Secure Mail Gateway

July 10, 2024

ID 201622

The Kaspersky Secure Mail Gateway solution (hereinafter also referred to as "KSMG") lets you deploy a mail gateway as a cluster system, which can scale with the volume of processed traffic, and integrate it into the existing mail infrastructure of your organization.

The solution is provided as two distribution types:

  • ISO file with a pre-installed operating system, mail server, and Kaspersky Anti-Virus application. Detailed information about this distribution type is provided in this document.
  • RPM or DEB installation package. Detailed information is provided in the KSMG Help for this distribution type.

KSMG protects incoming and outgoing email against malicious objects, spam and phishing content, and performs Content Filtering of email messages.

KSMG allows you to:

  • Perform Anti-Virus scanning of messages:
    • Check messages for viruses, malware, and macros (for example, Microsoft Office files containing macros), encrypted objects, archives (including recognizing types of files inside archives and compound objects).
    • Use the information from Kaspersky Security Network to ensure a faster response to new threats.
    • Configure integration with the Kaspersky Private Security Network (KPSN) for organizations where Internet access is restricted by internal rules and policies.
    • Configure integration with the Kaspersky Anti Targeted Attack Platform (KATA) for detection of threats such as zero-day attacks, targeted attacks, and complex targeted attacks known as advanced persistent threats (APT).
  • Perform Anti-Spam scanning of messages:
    • Check messages for spam, probable spam, mass mail (including spoofed domain recognition and IP address reputation checking).
    • Detect messages that contain Unicode spoofing. If Unicode spoofing is detected, the message is considered to be spam. The application adds the unicode_spoof tag to the X-KSMG-AntiSpam-Method message header.
    • Add the X-MS-Exchange-Organization-SCL X-headers to messages, based on the scan results. The headers contain the SCL rating.
    • Place messages into Anti-Spam Quarantine and manage the Anti-Spam Quarantine via the web interface.
  • Perform Anti-Phishing scanning of messages.
  • Scan messages for malicious or advertising links, as well as links related to legitimate software.
  • Perform content filtering of messages:
    • By message size
    • By attachment name
    • By attachment type

      KSMG allows you to determine the true format and type of an attachment, regardless of its extension, including inside archives and compound objects.

    • By message subject
    • By message body
    • By sender
    • By recipient
    • By message copy recipient
    • By top-level headers of the MIME structure of the message
  • Configure actions to be performed on message headers when a message processing rule or a Content Filtering expression is triggered, or a Content Filtering error occurs.
  • Configure a BCC message to be sent to a specific address when a processing rule is triggered.
  • Authenticate mail senders using SPF, DKIM, and DMARC technologies.
  • Configure integration with Active Directory to obtain information about domain users.
  • Obtain information about application events:
    • Logging mail traffic processing events and application events that occur during the operation of the application. The log can be filtered to search for events conveniently.
    • Export events in the CSV format.
  • Publish application events to a SIEM system used in your organization using the syslog protocol. Information about each application event is relayed as a separate syslog message in CEF format.
  • Configure and manage the application using a web interface.
    • Monitor the status of email traffic and system resources, view the lists of the latest detected threats in the web interface of the application.
    • Create user accounts and delimit user access to application functions using a role-based system.
    • Configure authentication using single sign-on (SSO) technology.
    • Create a cluster to scale the solution (horizontally or vertically) with centralized management of all servers in the cluster using the application's web interface.
    • Manage Backup:
      • Save original messages that were scanned and processed by the application in Backup.
      • Save messages from Backup to a file.
      • Forward messages to recipients.
      • Receive information about users from different domains and grant users access to personal Backup.
      • Configure the personal Backup digest delivery.
    • Create allowlists and denylists, which let you fine-tune the way the mail system reacts to messages from certain addresses.
    • Update application databases from Kaspersky update servers and custom sources via a schedule or on demand.

      Updates functionality (including providing anti-virus signature updates and codebase updates), as well as KSN functionality will not be available in the software in the U.S. territory from 12:00 AM Eastern Daylight Time (EDT) on September 10, 2024 in accordance with the restrictive measures.

    • Configure email notifications:
      • Notify the sender, recipients, and other addresses about objects detected in a message.
      • Send notifications about application events to users.
    • Add email disclaimers to outgoing and incoming messages and add warnings about insecure message
    • Generate and view reports about the results of message processing and application events.
    • Process email messages in accordance with rules configured for groups of senders and recipients.
    • Add, modify, or delete information about domains (including local domains of the organization) and email addresses, edit Kaspersky Secure Mail Gateway settings for such domains and email addresses, and configure email routing.
    • Configure MTA.
    • Add, modify, and delete DKIM and TLS encryption keys.
    • Receive application operation statistics via the SNMP protocol, and enable or disable forwarding of SNMP traps.

KSMG is distributed as an ISO image of a virtual machine for deployment on a VMware ESXi, Microsoft Hyper-V, Microsoft Windows Server with the Hyper-V role, or RED Virtualization.

Deploying the image creates a virtual machine with a pre-installed Rocky Linux 9.3 operating system, a mail server, and the KSMG application. After deploying the virtual machine, you can configure it using the Initial Configuration Wizard.

See also

Application licensing

Scaling KSMG

Application installation and setup

Removing the application

KSMG interface

Getting started with the application

Integration of KSMG into the corporate mail infrastructure

Monitoring of application operation

General protection settings

Configuring the addition of X-headers to messages

Using message processing rules

Allowlists and denylists

Managing the cluster

Managing user accounts and roles


Backup Digest

Event log

Message queue


Configuring date and time

Configuring the proxy server connection settings

Updating KSMG

Upgrading KSMG to version 2.1

Installing the ksmg_upgrade_2.1.0.7854_openssh_cve_2024_6387

Updating KSMG databases

Exporting and importing settings

Participating in Kaspersky Security Network and using Kaspersky Private Security Network

Integration with an external directory service

KATA protection

Managing the application over SNMP

Email notifications of the application

Authentication using the single sign-on technology

Connecting to cluster nodes over the SSH protocol

Configuring MTA settings

DKIM signature for outgoing messages

Configuring TLS for KSMG

Domains and configuration of email routing

Publishing application events to a SIEM system

Contacting Technical Support

Information about third-party code

Trademark notices

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.