Support

Support for business applications

Kaspersky Security 8.0 for Linux Mail Server

Managing the application through the command line interface using the klms-control utility

Content filtering of messages

Configuring content filtering by attachment name

Kaspersky Security 8.0 for Linux Mail Server
Knowledge Base Online Help
Advice & Solutions FAQ Forum Contact support Product videos

Configuring content filtering by attachment name

July 4, 2024

ID 62593

To configure content filtering of messages by attachment name:

  1. Export rule settings to an XML file using the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --get-rule-settings <rule ID> -f <rule settings file name> or

    --get-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

  2. Open the XML file to edit the rule settings.
  3. Enable content filtering of messages. To do so, in the <engineSettings> subsection of the <cfScanSettings> section, specify the value 1 for the <enableScan> setting.
  4. In the <cfScanSettings> section, <engineSettings> subsection, in the <bannedFileNames> setting, specify file names that are banned in attachments.

    You can use masks and regular expressions in attached file names. Names can contain any characters. Use semicolons ";" to separate the names.

    Regular expressions and masks are not case-sensitive.

    For example, you can enter the *.exe name mask to restrict transmission of messages that include attachments with the EXE extension.

    If you need to add several file names, each file name must be in a separate <item> section, typed in a new string of the settings file.

    Example:

    <bannedFileNames>

    <item>*.exe</item>

    </bannedFileNames>

    Example of adding common executable files to the list of banned attachments:

    Example:

    <bannedFileNames>

    <item>re:.*\.(scr|cpl|com|bat|cmd|vbs|pif|lnk|url|exe|bvs|spl|dll)$</item>

    <item>re:^[^\t\n]*\.[A-Za-z0-9]+\.(exe|vbs|cpl|dll)[. ]*$</item>

    </bannedFileNames>
  5. Specify the action you want the application to take on messages with attachments that have forbidden names. To do so, in the <cfScanSettings> section, specify the value Skip, DeleteMessage, DeleteAttachment or Reject for the <bannedFileNameAction> setting.

    The default action is Reject.

  6. If necessary, you can configure the application to move copies of messages with attachments that have forbidden names to Backup. To do so, in the <cfScanSettings> section, specify the value 1 for the <backupBannedFileName> setting.
  7. Save the changes made.
  8. To import rule settings from an XML file, use the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --set-rule-settings <rule ID> -f <rule settings file name> or

    --set-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.