About information X-headers

Based on the results of the scan, the application appends special information X-headers to the header of the message, for example:

• X-KSMG-Rule-ID – list of message processing rule IDs.
• X-KSMG-Message-Action – action taken by the application on the message, and the application module that was triggered.
• X-KSMG-AntiVirus – header for messages processed by the Anti-Virus module (contains the name and version of the application as well as the release date of Anti-Virus databases).
• X-KSMG-AntiVirus-Status – status assigned to the message by the Anti-Virus module based on the Anti-Virus scan results.
• X-KSMG-AntiSpam-Lua-Profiles – version of Anti-Spam databases and information about the assigned spam rating.
• X-KSMG-AntiSpam-Method – method used to identify spam.
• X-KSMG-AntiSpam-Rate – rating assigned to the message by the Anti-Spam module.
• X-KSMG-AntiSpam-Status – status assigned to the message by the Anti-Spam engine based on the scan results.
• X-KSMG-AntiSpam-Envelope-From – message sender.
• X-KSMG-AntiSpam-Auth – status assigned to the message as a result of Mail Sender Authentication using SPF, DKIM, DMARC technologies.
• X-KSMG-AntiSpam-Version – version of the Anti-Spam module.
• X-KSMG-AntiSpam-Info – criteria which the Anti-Spam module applied to assign the status to the message.
• X-KSMG-AntiSpam-Moebius-Timestamps – information about signatures of the Moebius service.
• X-KSMG-AntiPhishing – header for messages processed by the Anti-Phishing module (contains the result of the scan).
• X-KSMG-LinksScanning – header for messages processed by the URL Advisor module (contains the scan result and the release date of the Anti-Virus databases).
• X-KSMG-KATA-Status – status assigned to the message by the KATA Protection module based on the scan results.
• X-KSMG-AntiSpam-Interceptor-Info – message scan result.

  The header can contain the following values:

  • not scanned – the Anti-Spam module is disabled.
  • timeout expired – the scan was not completed because timeout was reached.
  • scan successful – the message was scanned successfully.
  • fallback – the scan was not completed because an error was encountered.

Based on the results of the scan by the Anti-Virus module, the application adds the X-KSMG-AntiVirus-Status information header to the MIME part of the message has one of the following statuses: Infected, Error, or Encrypted.

Based on the results of the Anti-Spam scan, the application can add to the message the X-MS-Exchange-Organization-SCL information header containing the SCL rating. You can manage the addition of information X-headers to messages. For example, you can disable the addition of KSMG information X-headers to the headers of messages that are sent outside the organization to prevent disclosing the presence of KSMG in the infrastructure.

KSMG allows configuring the modification or removal of message headers. For example, by removing headers you can hide the path that the message takes between mail servers of your organization, whereas adding a header can be used for subsequent message processing by another system.

You can configure the removal or addition of headers in the following cases:

• When a rule is triggered.
• When a Content Filtering expression is triggered.
• When a Content Filtering error occurs.

All actions on headers are performed only for those messages that will be delivered to recipients, based on the results of scanning by application modules.

KSMG applies the configured actions to headers in the following order:

1. Adding information headers based on message scan results.
2. Removing the specified headers in the following order: headers removed when a processing rule is triggered → headers removed when a Content Filtering expression is triggered.

   In case of a Content Filtering error, the order of header removal is as follows: headers removed when a processing rule is triggered → headers removed when a Content Filtering error occurs.

3. Modifying the specified headers in the following order: headers modified when a processing rule is triggered → headers modified when a Content Filtering expression is triggered.

   In case of a Content Filtering error, the order of header modification is as follows: headers modified when a processing rule is triggered → headers modified when a Content Filtering error occurs.