What's new

3 July 2024

ID 171315

KSMG 2.1 introduces the following new functionality as compared to 8.0 MP3.


  • New cluster architecture for scaling the solution (horizontally or vertically) with the capability to centrally manage all servers of the cluster through the application web interface.
  • The new version is provided as two distribution types:
    • ISO file with a pre-installed operating system, mail server, and Kaspersky Anti-Virus application. Detailed information is provided in the help for this distribution type.
    • RPM or DEB installation package. The application is installed on an operating system prepared by the administrator and integrated with the a pre-installed MTA. This distribution type of KSMG 2.1 continues and builds upon the functionality of Kaspersky Security for Linux Mail Server versions 8.0 MP3 and 10. Detailed information about this distribution type is provided in this document.

Operating system

Support for new versions of operating systems:

  • Rocky Linux 8.9, 9.3
  • Ubuntu 20.04 LTS, 22.04 LTS
  • Red Hat Enterprise Linux 8.9, 9.3

Protection technologies

  • Improved mechanism for detecting sophisticated attacks aimed at compromising corporate correspondence (such as BEC attacks and Active Directory spoofing attacks).
  • Added spam detection technology based on recognition of spoofed domains (look-alike).
  • Message processing rules now support the URL advisor module, which allows detecting malicious links, advertising links, and links relevant to legitimate software, while distinguishing them from phishing links.
  • Added identification of the reputation of IP addresses during scans by the Anti-Spam module.

Processing email traffic


  • In rules, you can specify Distinguished Names of users, groups, or contacts from the LDAP cache as the message sender or recipient address.
  • Encoding is taken into account when adding disclaimers and warnings to the body of the message.
  • The handling of large lists of email addresses and IP addresses, user and contact DN records in custom lists, rules, and settings of Backup digest have been improved. Data can be added manually, imported from the clipboard, exported to the clipboard, and searched in the list.
  • The following changes were implemented in the Content Filtering module:
  • You can configure actions to be performed on message headers when a message processing rule or a Content Filtering expression is triggered, or a Content Filtering error occurs.
  • You can configure a BCC message to be sent to a specific address when a processing rule is triggered.

Managing the application


Event log


  • Integration with KATA for detecting and blocking objects. Support for integration with high-availability KATA using HAProxy.
  • Integration with Kaspersky Security Center is used only for database updates.
  • The after-queue integration method is not supported for integration with the Postfix mail server.
  • Integration with the Nginx web server is supported. The Apache web server is not supported.
  • The ZIP format of the KPSN configuration file is no longer supported. You can use a PKCS7 configuration file.
  • A broader range of data can be sent to the SIEM system.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.