Using message processing rules

3 July 2024

ID 88778

A message processing rule (hereinafter also referred to as a "rule") is a set of parameters and actions applied by the application to messages that meet specific criteria. For a rule to be applied to a message, the addresses of the sender and recipient must be specified in the rule settings.

By default, the application contains the following preset message processing rules:

  • AllowList processes messages from the global allowlist.
  • DenyList processes messages from the global denylist.
  • Default processes messages according to the settings predefined by Kaspersky.

    The AllowList and DenyList rules are disabled by default.

When Kaspersky Secure Mail Gateway processes an email message, it applies rules in accordance with their priority, that is, in the order of occurrence in the rule table, top to bottom. If the combination of sender-recipient addresses does not match, the application moves on to the next rule. As soon as it finds the sender-recipient pair of addresses in any rule, the program applies the processing settings configured in that rule to the message, and the search for a match is finished.

If multiple LDAP accounts correspond to an email address, the rule is applied if at least one of these accounts matches its criteria. Strictly one rule triggers for each sender-recipient pair.

If none of the rules contains the "sender - recipient" pair of addresses, the message is processed in accordance with the preset settings of the Default rule.

If the message has a DKIM signature, it can be damaged if applied processing rules modify the subject or body of the message, remove attachments, treat malicious objects, or add disclaimers to the body of the message.

For each rule, you can configure your own email message processing criteria and select an action that is applied to the messages. If multiple application modules are triggered and they have different response actions configured, the stricter action is performed (Delete messageRejectDelete attachmentSkip).

We recommend to configure the Reject action only if the Kaspersky Secure Mail Gateway application is directly integrated into the mail infrastructure, that is, if it acts as an Edge Gateway.
If the application is integrated behind a third-party Edge Gateway, that is, it functions as an interior gateway, applying the Reject action will result in the Edge Gateway generating non-delivery notifications (DSN, Delivery status notification). Sending such notifications to non-existent email addresses may degrade the reputation of the edge gateway on the Internet.

In this Help section

Viewing the rule table

Configuring rule table display

Message processing rule configuration scenario

Examples of message processing rule configuration

Viewing rule information

Enabling and disabling a message processing rule

Changing rule settings

Deleting message processing rules

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.