Configuring the Anti-Phishing scan settings for a rule
Configuring the Anti-Phishing scan settings for a rule
January 24, 2025
ID 73184
To configure the Anti-Phishing scan message processing settings:
- Export rule settings to an XML file using the command:
# /opt/kaspersky/klms/bin/klms-control \--get-rule-settings <rule ID> -f <rule settings file name>or--get-rule-settings <rule name> -n -f <rule settings file name>The
<rule name>should be enclosed in double quotes if it contains blanks. - Open the XML file to edit the rule settings.
- Specify the action you want the application to take on messages. To do so, in the
<apScanSettings>section specify the valueSkip, DeleteMessageorRejectfor the<phishingAction>setting if the message has status as Phishing or Malicious link.The default action is
Skip. - If you selected the
DeleteMessageaction at the previous step of the procedure, you can configure the application to move a copy of the message found to contain a phishing threat to Backup before deleting the message. To do so, in the<apScanSettings>section, specify the value1for the <backupPhishing> setting. - If you selected
Skipat Step 3 of the sequence, you can edit the text of the tag added to the Subject field of the message. To do so, in the<apScanSettings>section, specify the text of the stamp as the value for the following settings:<phishingMark>, if the message has Phishing status;<maliciousMark>, if the message has Malicious link status.
- Save the changes made.
- To import rule settings from an XML file, use the command:
# /opt/kaspersky/klms/bin/klms-control \--set-rule-settings <rule ID> -f <rule settings file name>or--set-rule-settings <rule name> -n -f <rule settings file name>The
<rule name>should be enclosed in double quotes if it contains blanks.
