Kaspersky Security 9.x for Microsoft Exchange Servers


21 April 2023

ID 90

Active key

Key that is used at the moment to work with the application.

Anti-virus databases

Databases that contain information about computer security threats known to Kaspersky as of the anti-virus database release date. Anti-virus database signatures help to detect malicious code in scanned objects. Anti-virus databases are created by Kaspersky specialists and updated hourly.

Background scan

Operation mode of Anti-Virus for the Mailbox role when Anti-Virus scans messages and other Microsoft Exchange objects stored on a Microsoft Exchange server, searching for viruses and other security threats with the latest version of anti-virus databases. A background scan can be run either manually or upon a set schedule.


Special storage for backup copies of objects saved before their disinfection, removal or replacement. It is a service subfolder in the application data folder created during Security Server installation.

Container object

An object consisting of several objects, for example, an archive or a message with an attached letter. See also simple object.


A method of processing infected objects that results in full or partial recovery of data. Not all infected objects can be disinfected.

Domain Name System Block List (DNSBL).

Public lists of IP addresses known to generate spam.

Enforced Anti-Spam Updates Service

The service providing quick updates to the Anti-Spam database improving the efficiency of Anti-Spam against new emerging spam. To function properly, Enforced Anti-Spam Updates Service needs a permanent Internet connection.

File mask

Representation of a file name using wildcards. The standard wildcards used in file masks are * and ?, where * represents any number of any characters and ? stands for any single character.

Formal message

Message that is automatically generated and sent by mail clients or robots (for example, informing about the impossibility to deliver a message, or confirming user registration on a web resource).

Infected object

An object a portion of whose code completely matches part of the code of known malware. Kaspersky does not recommend using such objects.

Kaspersky CompanyAccount

Portal designed for sending online requests to Kaspersky and tracking their processing by Kaspersky experts.

Kaspersky Private Security Network

The solutions allows users of Kaspersky anti-virus applications to access Kaspersky Security Network databases without sending data from their computers to Kaspersky Security Network servers.

Kaspersky Security Network (KSN).

Infrastructure of cloud services that provides access to the Kaspersky online knowledge base containing information about the reputation of files, web resources, and software. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky applications to threats, improves the effectiveness of some protection components, and reduces the risk of false positives.

Kaspersky update servers

HTTP and FTP servers of Kaspersky from which Kaspersky applications download database and application module updates.

Key denylist

Database that contains information about the key files blocked by Kaspersky. The contents of the key denylist file are updated together with the databases.

License certificate

This is a document that is provided to you by Kaspersky together with a key file or activation code. It contains information about the license granted to the user.

License term

A time period during which you have access to the application features and rights to use additional services. Available functionality and specific additional services depend on the license type.

Malicious URLs

Web addresses leading to malicious resources, i.e. web resources designed to spread malware.

Managed device

Device with an installed security software suite connected to Kaspersky Security Center.

Management Console

Kaspersky Security application component. Provides a user interface for managing administrative tools and enables configuration of the application and management of the server component. The management module is implemented as an extension of the Microsoft Management Console.

Mass mail

Mass email messages authorized by the recipients, most often containing advertising messages.

Message deletion

Method of processing an email message, which entails physical removal of this message. It is recommended to apply this method to messages which unambiguously contain spam or malicious objects. Before deleting a message, a copy of it is saved in Backup (unless this option is disabled).

Object removal

The method of processing objects which ends in it being physically deleted from its original location (hard drive, folder, network resource). We recommend that this method be applied to dangerous objects which, for whatever reason, cannot be disinfected.

PCL rating

Phishing Confidence Level is a special tag used by Microsoft Exchange mail servers to measure the probability of the risk of phishing threats in a message. The PCL rating ranges from 0 to 8. A mail server considers a message with a PCL rating of 3 or lower to be free from phishing threats. A message with a rating of 4 or higher is considered a phishing message. Kaspersky Security can change the PCL rating of a message depending on the message scan results.

Personal data

Information that can be used to identify a person, directly or indirectly.


A kind of online fraud aimed at obtaining unauthorized access to confidential data of users.

Potential spam

A message that cannot be unambiguously considered spam, but has several spam attributes (e.g., certain types of mailings and advertising messages).

Probably infected object

An object whose code contains a modified segment of code of a known threat, or an object resembling a threat in the way it behaves.


A set of settings applied simultaneously to several Security Servers.

Proxy server

A computer network service which allows users to make indirect requests to other network services. First, a user connects to a proxy server and requests a resource (e.g., a file) located on another server. Then the proxy server either connects to the specified server and obtains the resource from it or returns the resource from its own cache (if the proxy has its own cache). In some cases, a user's request or a server's response can be modified by the proxy server for certain purposes.

Reserve key

Key that verifies the use of the application but is not used at the moment.

SCL rating

Spam Confidence Level is a special tag used by Microsoft Exchange mail servers to measure the spam probability of a message. The SCL rating can range from 0 (minim probability of spam) to 9 (the message is most probably spam). Kaspersky Security can change the SCL rating of a message depending on the message scan results.

Security Server

Server component of Kaspersky Security. Scans email traffic for viruses and spam, updates databases, ensures application integrity, stores statistical information, and provides administrative tools for remote management and configuration.

Simple object

Message body or simple attachment, for example, an executable file. See also container object.


Unsolicited mass e-mail, most often containing advertising messages.

Spam URI Realtime Block Lists (SURBL)

Public lists of hyperlinks to the resources advertised by spam senders.

Storage scan

Anti-virus scanning of messages stored on an e-mail server and the content of public folders using the latest database version. Background scans can be launched either automatically (using a schedule) or manually. The scan involves all protected public folders and mailbox storages. Scanning may reveal new viruses that had not been included in the database during earlier scans.

Unknown virus

A new virus that is not yet registered in the databases. The application usually detects unknown viruses in objects by means of the heuristic analyzer. Such objects are tagged as probably infected.


A function performed by a Kaspersky application that enables it to keep computer protection up-to-date. During the update, an application downloads updates for its databases and modules from Kaspersky's update servers and automatically installs and applies them.


A program that infects other ones by adding its code to them in order to gain control when infected files are run. This simple definition allows exposing the main action performed by any virus – infection.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.