Configuring global black and white lists of addresses
July 4, 2024
ID 60661
The settings of global black and white lists of addresses are contained in the preset BlackList (ID=2) and WhiteList (ID=3) message processing rules.
In addition, when creating a new rule, you can specify one of the rule modes: reject messages without scanning (in which case the application processes messages according to this rule in the same way as it does according to the BlackList rule) or skip messages without scanning (in which case the application processes messages according to this rule in the same way as it does according to the WhiteList rule).
To configure a global black or white list of addresses:
- Export the rule settings to an XML file using the command:
# /opt/kaspersky/klms/bin/klms-control \
--get-rule-settings <
rule ID> -f <
rule settings file name>
or--get-rule-settings <
rule name> -n -f <
rule settings file name>
The
<rule name>
should be enclosed in double quotes if it contains blanks.To export the settings of the BlackList rule, execute the command
# /opt/kaspersky/klms/bin/klms-control \
--get-rule-settings BlackList -n -f <
name of the rule settings file>
To export the settings of the WhiteList rule, execute the command
--get-rule-settings WhiteList -n -f <
name of the rule settings file>
- Open the XML file to edit the rule settings.
- Make the required changes in the <
belongingCriteria>
section, specifying the addresses of the sender and recipient in the<sender>
and<recipient>
settings, respectively.If you need to add several sender and recipient email addresses, each new email address must be in a separate
<item>
section, typed in a new string of the settings file.Example:
<belongingCriteria>
<sender>
<item>
<type>EMailMask</type>
<value>*</value>
</item>
<item>
<type>CIDR</type>
<value>172.16.10.145</value>
</item>
</sender>
<recipient>
<item>
<type>ExternalAccount</type>
<value>CN=test10,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=sbs2k8,DC=local</value>
</item>
</recipient>
</belongingCriteria>
You can use the symbols "*" and "?" to create an address mask, and regular expressions beginning with the prefix "re:".
Regular expressions are not case-sensitive.
- In the
<ScanSettings>
section, specify1
as the value of the <active
> setting to activate the rule. - Save the changes made.
- To import rule settings from an XML file, use the command:
# /opt/kaspersky/klms/bin/klms-control \
--set-rule-settings <rule ID> -f <rule settings file name>
or--set-rule-settings <rule name> -n -f <rule settings file name>
The
<rule name>
should be enclosed in double quotes if it contains blanks.