Message processing rule configuration scenario
July 3, 2024
ID 203001
You can modify general protection settings that are applied to all message processing rules in the Settings → General section.
- Creating a rule
When you create a rule, you must specify sender and recipient addresses, whose messages are to be processed in accordance with the settings of the rule, as well as the message processing mode. Other general rule settings are optional.
- Anti-Virus protection of messages
KSMG scans email messages for viruses and other threatening programs using the Anti-Virus module.
You can enable or disable Anti-Virus scanning of messages for the rule. If Anti-Virus scan is enabled in the rule, you can configure the scan depending on object type:
- Infected and probably infected objects, as well as legitimate programs that can be exploited by hackers
- Objects with errors encountered during scanning
- Encrypted objects
- Attachments with macros
- Link scanning
KSMG checks if the links in the body of the message are malicious, that is, if they lead to web sites that distribute malware. You can also enable the detection of advertising links and links relevant to legitimate programs.
- Anti-Spam protection
KSMG filters messages passing through the mail server to remove unsolicited mail (spam) using the Anti-Spam module.
You can enable or disable Anti-Spam protection for the rule. If Anti-Spam protection is enabled for a rule, you can configure the scan depending on object type:
- Spam
- Probable spam
- Mass mail
- Anti-Phishing protection
KSMG filters messages passing through the mail server to remove phishing using the Anti-Phishing module.
You can enable or disable Anti-Phishing protection for the rule.
- Content filtering of messages
KSMG performs Content Filtering of messages that pass through the mail server.
You can enable or disable Content Filtering for the rule. If Content Filtering is enabled for a rule, you can restrict the relaying of messages by the mail server in accordance with the following criteria:
- Message size
- Attachment names
- Attachment file types
- Message subject
- Message body
- Sender
- Recipient
- Recipient of a copy of the message
- Top-level headers of the MIME structure of the message
- Mail Sender Authentication
Mail Sender Authentication is designed to provide additional protection for your corporate mail infrastructure against spam and phishing.
KSMG uses the following Mail Sender Authentication technologies:
- SPF authentication (Sender Policy Framework).
- DKIM authentication (DomainKeys Identified Mail).
- DMARC authentication (Domain-based Message Authentication, Reporting and Conformance).
- Notifications of message scan results
You can set up notifications about message scan events to be emailed to addresses from the configured general list, the sender, recipients, or other addresses.
- Warnings about insecure messages
You can configure a Warning template text to be added to the body of the message that has one of the following scan statuses:
- Encrypted;
- Infected;
- Error;
- Phishing;
- Link scanning.
- Email disclaimers
An email disclaimer (hereinafter also "disclaimer") is a text that the application can add at the end of an email message.
You can enable or disable disclaimers for one or more message processing rules and configure disclaimer templates.
- KATA protection
KSMG can be integrated with Kaspersky Anti Targeted Attack Platform and send messages to the KATA server to be scanned.
You can enable or disable KATA protection for a rule. If KATA protection is enabled in a rule, you can select a specific action for messages in which objects were detected, indicate whether or not the application should place the messages in Backup, and configure a tag to be added to the subject of messages.