Creating message processing rules

3 July 2024

ID 88114

To create a message processing rule:

  1. In the main window of the application web interface, open the management console tree and select the Rules section.
  2. In the upper part of the workspace, click Create.

    A new message processing rule opens.

  3. In the left pane, select the General section.
  4. On the Main tab:
    1. If you want the rule to be used, turn on the Status toggle switch.
    2. In the Rule name field, type the name of the new rule.

      The name of the rule must be unique among the list of KSMG rules.

    3. In the Description field, type the rule description.
    4. In the Mode settings group, select one of the following message processing options corresponding to criteria of the rule:
      • Use the settings of scan modules to use the settings of Anti-Virus, Anti-Spam, and Anti-Phishing modules as well as Content Filtering settings.

        The left pane displays sections where you can configure modules used by the rule.

      • Skip without scanning to deliver messages without scanning them.
      • Reject without scanning to reject messages without scanning them with Anti-Virus, Anti-Spam, or Anti-Phishing modules, or applying Content Filtering settings.
      • Delete without notifying the sender to delete messages without scanning them with Anti-Virus, Anti-Spam, or Anti-Phishing modules, applying Content Filtering settings, or notifying the sender about non-delivery.
    5. If you want to modify the priority of the rule, adjust the position of the rule in the rule table.

      By default, the rule is assigned the highest priority of all previously created rules.

  5. On the Senders and recipients tab:
    1. Under Sender, specify senders to which the rule must apply. You can specify senders on the following tabs:
      • Email
      • IP
      • LDAP: DN

      To apply the rule, you must specify at least one sender.

    2. Under Recipient, specify recipients to which the rule must apply. You can specify recipients on the following tabs:
      • Email
      • LDAP: DN

      To apply the rule, you must specify at least one recipient.

  6. If you want to send copies of the originals of all messages to specific addresses whenever a rule is triggered, on the Blind carbon copy tab, specify BCC recipients.

    When sending a BCC message, KSMG replaces the sender address in the value of the MAIL FROM command from the SMTP session with the address from which the application sends messages. If the BCC delivery fails, the address replacement prevents the original sender of the message from receiving a non-delivery report, from which they could become aware that the message was forwarded or find out information about the organization's mail servers. However, the original message data remain in the MIME headers, including From and To.

    A blind copy of the original message is sent to the BCC addresses regardless of the applied action. So BCC messages may contain malicious objects and pose security risks

    On the Blind carbon copy tab:

    • To add a BCC recipient address, click Add, enter the address, and click Confirm. or press ENTER.

      If necessary, repeat this step to add more addresses.

    • To paste an email address from the clipboard, click Import, type or paste the email addresses separated by semicolons or new lines, then click Import.
    • If you want to edit a previously added email address, click the address in the text box, make the necessary changes in edit mode and click Confirm.. If necessary, use search.
    • If you want to remove an address from the list, point to the address in the list and click the Delete. icon. To clear the list, click Delete all.
    • If you want to copy all email addresses added to the list, click Copy all.

    If not all addresses are displayed in the area, you can select the number of items you want to display in the drop-down list in the lower part of the area.

  7. If you want to edit or remove message headers when a rule is triggered, on the Actions on headers tab, do the following:
    1. If you want to remove message headers when a rule is triggered, under Delete headers, specify the headers that you want to remove.

      Modifying or deleting headers may lead to DKIM authentication failure or non-delivery of the message

      Headers are removed if a Skip, Delete attachment, or Disinfect action is taken on the message.

      You can specify headers to be removed on the following tabs:

      • Text
      • Wildcard
      • Regexp
    2. If you want to modify the message headers when a rule is triggered, under Modify headers, specify the headers you want to modify.

      Headers are modified if a Skip, Delete attachment, or Disinfect action is taken on the message.

      If the header is found in the message, it is removed, and a similar header with the specified value is added to the end of the list of headers. If the header is not present in the message, it is added to the end of the list of message headers.

      To add headers for editing, click Add, and in the displayed window, specify the name and value of the header that you want to modify, then click OK. If necessary, repeat these steps for other headers.

      The name and value of the header must contain only Latin letters (case-insensitive). The maximum length is 450 characters.

    You can remove headers from Modify headers. To do so, select the check boxes next to one or more headers that you want to remove, click Delete, and confirm the action.

  8. Click Save.

    If at least one list item under Sender and Recipient is specified in an unacceptable format, the rule cannot be saved. Fix all values highlighted with a red background and repeat the save operation.

The rule is created and added to the rule table in the Rules section.

For modified settings to be applied by KSMG, the rule must be enabled. By default, the new rule is disabled and not used by the application.

See also

Message processing rule configuration scenario

Configuring Anti-Virus protection

Configuring link scanning

Configuring Anti-Spam protection

Configuring Anti-Phishing protection

Configuring Content Filtering

Mail Sender Authentication

Notification settings for message scan events

Adding a Warning about insecure message

Adding email disclaimers

Configuring KATA protection

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.