Direct integration

Direct integration is the type of integration where Kaspersky Secure Mail Gateway receives email messages directly from the Internet and relays them to internal mail servers, and also receives messages from internal mail servers and relays them to the Internet.

To configure direct integration of Kaspersky Secure Mail Gateway into the corporate mail infrastructure:

1. Add local domains of your organization for which Kaspersky Secure Mail Gateway will receive email messages from any sources including untrusted sources.
   1. In the application web interface window, select the Settings → Built-in MTA → Domains section.
   2. Click Add domain.

      In the record creation window, add the relevant domain or subdomain and turn on the Local domain switch.

   3. If necessary, configure routing.

      By default, Kaspersky Secure Mail Gateway uses the settings of the DNS server for email routing. You can manually configure email routing for an individual domain.

   4. Click Save.
   5. Repeat steps 'b' to 'd' for each domain or subdomain that you want to add.

   If local domains are not specified, Kaspersky Secure Mail Gateway will not be receiving messages for internal mail servers.

   Kaspersky Secure Mail Gateway will receive messages from untrusted sources only for specified domains. Messages from untrusted sources intended for other domains are rejected.

2. Create a list of trusted networks and network hosts that are allowed to send email messages via Kaspersky Secure Mail Gateway. To do so:
   1. In the application web interface window, select the Settings → Built-in MTA → Basic Settings section.
   2. In the Trusted networks field, add addresses or hosts in IPv4 or IPv6 format.

      As a rule, these are internal networks and network hosts of the organization.

      If trusted networks are not specified, Kaspersky Secure Mail Gateway will not be receiving messages from internal mail servers and relaying them outside the network of your organization.

   3. Click Save.
3. If necessary, enable SMTP verification of recipient email addresses.

   SMTP verification of email addresses involves verifying the existence of recipient email addresses.

   1. In the application web interface window, select the Settings → Built-in MTA → Advanced Settings section.
   2. In the Reject messages for recipients drop-down list, select the Reject for unverified recipients mode of SMTP verification of recipient addresses.

      The application rejects the message if the recipient's server is unavailable or rejects the request (reject_unverified_recipient).

      SMTP Recipient Address Verification is not performed when Kaspersky Secure Mail Gateway receives messages from trusted network hosts.

      If SMTP verification of recipient addresses is disabled, a delivery failure notification is sent when an attempt is made to deliver a message to a nonexistent address. This increases the volume of email traffic and may increase the load on the mail server.

   3. Click Save.
4. If necessary, enable the Mail Sender Authentication module in the message processing rules that you are using.

The integration of Kaspersky Secure Mail Gateway into the existing corporate email infrastructure is configured.