Creating message processing rules

July 4, 2024

ID 43465

To create a new rule:

  1. To create a new rule, use the command:

    # /opt/kaspersky/klms/bin/klms-control --create-rule <rule name>

  2. Set the rule priority using the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --set-rule-priority <rule ID> --before <rule ID>

    The value can be set using any natural number.

  3. Export rule settings to an XML file using the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --get-rule-settings <rule ID> -f <rule settings file name> or

    --get-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

  4. Open the XML file to edit the rule settings.
  5. In the <belongingCriteria> section, specify the addresses of the sender and recipient in the <sender> and <recipient> settings, respectively.

    If you need to add several email addresses of senders and recipients, each new email address of the sender or recipient must be specified in a separate <item> section in a new line of the settings file.

    Example:

    <belongingCriteria>

    <sender>

    <item>

    <type>EMailMask</type>

    <value>*</value>

    </item>

    <item>

    <type>CIDR</type>

    <value>172.16.10.145</value>

    </item>

    </sender>

    <recipient>

    <item>

    <type>ExternalAccount</type>

    <value>CN=test10,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=sbs2k8,DC=local</value>

    </item>

    </recipient>

    </belongingCriteria>

    At least one of the sender, recipient values must be specified. If the description of the rule does not contain a sender or recipient value, the application applies the rule with the next highest priority.

    You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "re:".

    Regular expressions are not case-sensitive.

     

  6. In the <ScanSettings> section, specify 1 as the value of the <active> setting to activate the rule.
  7. Specify the rule mode. To do so, in the <ScanSettings> section use one of the following values for the <ruleAction> setting:
    • Scan, if you want the application to process messages according to the configured scan settings;
    • Skip (skip without scanning), if you want the program to process messages according to this rule in the same way it does according to the rule of the global white list of addresses.
    • Reject (reject without scanning), if you want the application to process messages according to this rule in the same way it does according to the rule of the global black list of addresses.
  8. If required, specify the values of the scan settings for Anti-Spam, Anti-Virus, and content filtering.

    If the values of these settings have not been configured for a rule, the default settings are used.

  9. Save the changes made.
  10. To import rule settings from an XML file, use the command:

    # /opt/kaspersky/klms/bin/klms-control \

    --set-rule-settings <rule ID> -f <rule settings file name> or

    --set-rule-settings <rule name> -n -f <rule settings file name>

    The <rule name> should be enclosed in double quotes if it contains blanks.

You can view the list of created rules later.

');
Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).