Table of Contents

Advertisement

Quick Links

KASPERSKY LAB
®
Kaspersky
Anti-Spam 3.0
ADMINISTRATOR'S
GUIDE

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ANTI-SPAM 3.0 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Summary of Contents for KAPERSKY ANTI-SPAM 3.0

  • Page 1 KASPERSKY LAB ® Kaspersky Anti-Spam 3.0 ADMINISTRATOR'S GUIDE...
  • Page 2 ® K A S P E R S K Y A N T I - S P A M 3 . 0 Administrator's Guide © Kaspersky Lab http://www.kaspersky.com Revision date: May 2007...
  • Page 3: Table Of Contents

    Contents CHAPTER 1. KASPERSKY ANTI-SPAM 3.0..............6 1.1. What's new in version 3.0 ..................7 1.2. Licensing policy ..................... 9 1.3. Hardware and software requirements ..............9 1.4. Distribution kit ...................... 10 1.5. Help desk for registered users ................11 CHAPTER 2.
  • Page 4 Kaspersky Anti-Spam 3.0 4.3. Filtration policy management ................32 4.3.1. General filtration policy ................. 33 4.3.1.1. The General section ................34 4.3.1.2. The DNS & SPF Checks section ............36 4.3.1.3. The Headers Checks section ..............37 4.3.1.4. The Eastern Encodings section ............39 4.3.1.5.
  • Page 5 Contents CHAPTER 6. FREQUENTLY ASKED QUESTIONS........... 78 APPENDIX A. ADDITIONAL INFORMATION ON KASPERSKY ANTI-SPAM..82 A.1. Location of product files in the file system............82 A.2. Client modules for mail servers ................83 A.2.1. Interaction of client modules with the filtering server ........83 A.2.2.
  • Page 6: Chapter 1. Kaspersky Anti-Spam 3.0

    CHAPTER 1. KASPERSKY ANTI- SPAM 3.0 ® Kaspersky Anti-Spam 3.0 (hereinafter also referred to as Kaspersky Anti- Spam or the product) is a software suite filtering e-mail in order to protect mail system users from unsolicited mass mail (spam). Kaspersky Anti-Spam uses administrator-defined rules to process received messages accordingly.
  • Page 7: What's New In Version 3.0

    Kaspersky Anti-Spam 3.0 Second, the application employs content filtration, i.e. it analyzes the actual message contents (including the Subject header) and attached files . The product uses to that effect linguistic algorithms based on comparison with sample messages and search for typical terms (words and word combinations). Kaspersky Anti-Spam also scans attached images comparing them to the signatures of known spam messages.
  • Page 8 Kaspersky Anti-Spam 3.0 • Enhanced subsystem analyzing graphic attachments (GSG), • Added support for the use of Sender Policy Framework (SPF) and Spam URL Realtime Blocklists (SURBL) services. • Included internal Urgent Detection System (UDS), which allows the user to receive information about certain types of spam in real time.
  • Page 9: Licensing Policy

    Kaspersky Anti-Spam 3.0 1.2. Licensing policy The licensing policy for Kaspersky Anti-Spam 3.0 implies a system of product use limitations based on the following criteria: • Mail traffic volume. • The number of protected mail accounts. • The number of mail systems users. The said limitations will only apply to the messages addressed to the senders within protected domains.
  • Page 10: Distribution Kit

    Kaspersky Anti-Spam 3.0 • FreeBSD 6.2. • One of the following mail servers: • Sendmail 8.13.5 with Milter API support. • Postfix 2.2.2. • Qmail 1.03. • Exim 4.50. • Communigate Pro 4.3.7. • Installed bzip2 and which utilities. • Perl interpreter.
  • Page 11: Help Desk For Registered Users

    Kaspersky Anti-Spam 3.0 and the money you paid for the product will be refunded to you on the condition that the envelope with the installation CD (or set of floppy disks) is still sealed. By opening the sealed envelope with the installation CD (or set of floppy disks), you confirm that you agree with all the terms and conditions of the License Agreement.
  • Page 12: Chapter 2. Architecture Of Kaspersky Anti-Spam And Principles Of Spam Filtering

    CHAPTER 2. ARCHITECTURE OF KASPERSKY ANTI-SPAM AND PRINCIPLES OF SPAM FILTERING This section contains descriptions of the main product components and the principles of filtering as well as the Control Center, the main tool for Kaspersky Anti-Spam administration and configuration. 2.1.
  • Page 13 Architecture of Kaspersky Anti-Spam and principles of spam filtering Figure 1. The architecture of Kaspersky Anti-Spam • Control Center – web-based interface that administrators can use to configure the product, analyze its status and functionality. • Monitoring system – a system that tracks the status of Kaspersky Anti-Spam and its individual components and notifies system administrator about various problems in product operation.
  • Page 14 Kaspersky Anti-Spam 3.0 The distribution package of Kaspersky Anti-Spam includes client plug-ins for Sendmail, Postfix, Exim, Qmail and Communigate Pro. As a rule, a client plug-in must be installed as a filter providing for receipt of messages to be analyzed from the mail server and for the subsequent return of modified e-mail.
  • Page 15 Architecture of Kaspersky Anti-Spam and principles of spam filtering • monitoring of requests from client modules for connection to the filtering process; • initiation of new filtering processes when there are no available processes left; • monitoring the status of running processes; •...
  • Page 16: Recognition Technology

    Kaspersky Anti-Spam 3.0 Kaspersky Anti-Spam 3.0 processes e-mail traffic using the following algorithm: Client plug-in module integrates with an installed mail server. Mail server transfers to the client module messages for analysis by the filtration server. Filtration server checks messages scanning them for signs of spam and, depending upon the result, modifies them in accordance with the existing rules.
  • Page 17: Content Filtration

    Architecture of Kaspersky Anti-Spam and principles of spam filtering 2.2.2. Content filtration Message analysis employs the algorithms of content filtering: the application uses artificial intelligence technologies to analyze the actual message content (including the Subject header), and its attachments (attached files) in the following formats: •...
  • Page 18: Checks Using External Services

    Kaspersky Anti-Spam 3.0 2.2.3. Checks using external services In addition to the analysis of message text and headers, Kaspersky Anti-Spam allows a number of the following checks involving external network services: • availability of a DNS record for message sender's IP (reverse DNS lookup);...
  • Page 19: Recognition Results And Actions Over Messages

    Architecture of Kaspersky Anti-Spam and principles of spam filtering The UDS technology allows filtering of known spam before updates to the content filtration databases become available. A filtration server interacts with UDS servers of Kaspersky Lab via UDP using port 7060 for communication. In order to use UDS, a filtration server must be able to establish outgoing connections through that port.
  • Page 20: Content Filtration Databases

    Kaspersky Anti-Spam 3.0 After recognition, the application may perform one of the following actions over a message: • accept the message; • relay the message or a copy thereof to another address; • add a text mark in the message subject field; •...
  • Page 21: Filtration Policies

    Architecture of Kaspersky Anti-Spam and principles of spam filtering 2.5. Filtration policies Kaspersky Anti-Spam employs filtration policies to determine the methods applicable for spam recognition, the actions to be performed over messages and the black and white lists of senders. The product uses a double-layered system of filtration policies, which consists of a default general filtration policy and group filtration policies.
  • Page 22: Monitoring

    Kaspersky Anti-Spam 3.0 2.7. Monitoring Kaspersky Anti-Spam includes a monitoring module for control of the filtration server status. System status information appears in the Monitoring tab of the Control Center. Figure 2. The Monitoring tab of the Control Center The section contains parameters tracked by the monitoring system and the messages from product modules, which you can use to analyze the current status of Kaspersky Anti-Spam components.
  • Page 23: Chapter 3. Installing Kaspersky Anti-Spam

    CHAPTER 3. INSTALLING KASPERSKY ANTI-SPAM This section contains information about the procedure of program installation, integration of client plug-in modules with the host mail server and configuring access to the Control Center, the main product management tool. 3.1. Preparing for installation Before you proceed with Kaspersky Anti-Spam installation, it is necessary to: •...
  • Page 24: Installing Kaspersky Anti-Spam Distribution Package

    Kaspersky Anti-Spam 3.0 3.2. Installing Kaspersky Anti-Spam distribution package Kaspersky Anti-Spam 3.0 is distributed in several installation packages: • .rpm package for most distributions of the Linux operating system (RedHat, SuSe, Mandrake, Fedora, etc.); • .deb package for Debian Linux distribution; •...
  • Page 25: Configuring Access To The Control Center

    Installing Kaspersky Anti-Spam 3.3. Configuring access to the Control Center Upon completion of product setup, the installer runs the kas-thttpd service, which provides local access to the Control Center. The following settings are used by default: • Address: http://127.0.0.1:3080/ • User name: admin.
  • Page 26: Installing The License Key

    Kaspersky Anti-Spam 3.0 The interface and port number to be used for connection to the Control Center are specified in the /usr/local/ap-mailfilter3/etc/kas-thttpd.conf file using the host and port parameters respectively. E.g., the following values: host=0.0.0.0 port=3080 mean that the Control Center will listen on port 3080 of all server interfaces expecting incoming connections.
  • Page 27: Integrating Kaspersky Anti-Spam With Your Mail Server

    Installing Kaspersky Anti-Spam If a license key has not been installed or the installed key is invalid, Kaspersky Anti-Spam will not filter mail. Mail server performance will not be affected; its e- mail traffic will just be transferred without analysis. Please keep in mind that the product will only filter mail for those recipients, whose accounts are added into the list of protected domains.
  • Page 28 Kaspersky Anti-Spam 3.0 • To integrate Kaspersky Anti-Spam with Postfix, run the following command as root: # /usr/local/ap-mailfilter3/bin/config-postfix.pl <path> where path stands for the path to the master.cf Postfix configuration file. • To integrate Kaspersky Anti-Spam with Exim, run the following command as root: # /usr/local/ap-mailfilter3/bin/config-exim.pl <path>...
  • Page 29: Configuring Updates Of Content Filtration Databases And Uds Use

    Installing Kaspersky Anti-Spam 3.6. Configuring updates of content filtration databases and UDS By default after installation of Kaspersky Anti-Spam updates to the content filtration databases and UDS are disabled. In order to allow updating of the databases and activate UDS, run the enable-updates.sh script: # /usr/local/ap-mailfilter3/bin/enable-updates.sh Restarting as mailflt3 Enabling UDS...
  • Page 30: Chapter 4. Managing The Spam Filtration Server

    CHAPTER 4. MANAGING THE SPAM FILTRATION SERVER You can use Kaspersky Anti-Spam to protect e-mail traffic from unwanted spam mail. The system of protection is based on performance of tasks representing the main features of the application. The tasks performed by Kaspersky Anti-Spam can be subdivided into three main groups: •...
  • Page 31: Kaspersky Anti-Spam Control Center

    Managing the spam filtration server • restart – restart the main components of the filtration server; the action is identical to running the stop and start actions one after another. The kas-thttpd service providing access to the Control Center of Kaspersky Anti- Spam is started by the kas3-control-center script (in Linux) and kas3-control- center.sh script (in FreeBSD).
  • Page 32: Filtration Policy Management

    Kaspersky Anti-Spam 3.0 • Statistics – the function containing statistical reports, which allow you to analyze the number of messages processed by the system. • Policies – the section used for customization of spam filtering policy. • Settings – the section containing the settings of the anti-spam engine, Control Center, and the subsystem updating the content filtration databases.
  • Page 33: General Filtration Policy

    Managing the spam filtration server • Groups – the settings of user groups, recognition policies applicable to individual groups and the sets of actions over messages: • Group list – the section for managing user groups: creation, deletion of groups, and launching the editor of group properties. The parameters of group policies can be configured in the group policy editor.
  • Page 34: The General Section

    Kaspersky Anti-Spam 3.0 In addition to the section titles, the list contains the following information: • brief section description; • total number of rules in a section; • the number of modified rules compared with the original settings of the content filtration databases.
  • Page 35 Managing the spam filtration server In the General section you can configure the following parameters: • Detection defines whether the product checks messages for spam signs. If spam recognition is disabled, all messages will be assigned the Trusted status (please refer to section 2.3 on page 19 for details on statuses).
  • Page 36: The Dns & Spf Checks Section

    Kaspersky Anti-Spam 3.0 DNS and DNS-based checks may result in considerably slower message processing. Disable the method if its use reduces filter performance noticeably. This parameter determines the use of DNS services by the filtration server. Individual services can be enabled / disabled in the DNS & SPF Checks section (see section 4.3.1.2 on page 36).
  • Page 37: The Headers Checks Section

    Managing the spam filtration server • Check SPF Records – sender's IP address check using SPF. Figure 6. The DNS & SPF Checks section 4.3.1.3. The Headers Checks section The Headers Checks section (see Fig. 7) allows you to configure the parameters of rules used to analyze e-mail message headers.
  • Page 38 Kaspersky Anti-Spam 3.0 which, being applied, may filter out useful mail with certain known signs of spam. These signs include: • Undisclosed list of recipients in TO – the presence of an undisclosed list of recipients in the TO header. •...
  • Page 39: The Eastern Encodings Section

    Managing the spam filtration server 4.3.1.4. The Eastern Encodings section The Eastern Encodings section (see Fig. 8) allows you to specify the languages and encodings of messages allowed for delivery to the recipients within your mail system without being considered spam. Figure 8.
  • Page 40: Managing The White And Black Lists

    Kaspersky Anti-Spam 3.0 Figure 9. The Obscene Content section of the default filtration policy rules 4.3.2. Managing the white and black lists The list of trusted senders (White List) is used to specify explicitly the addresses acting as a reliable source of messages, which do not need a spam check. You can add to such lists, for example, IP addresses of e-mail servers used for mail redirection within your company or the addresses of internal mailing lists.
  • Page 41 Managing the spam filtration server Figure 10. Configuration page for the white list A list of trusted senders consists of a list of e-mail addresses and a list of IP addresses. You can enter the addresses in a text field in the central part of the page.
  • Page 42: Managing The Lists Of Employed Dnsbl Services

    Kaspersky Anti-Spam 3.0 IP addresses are recorded in the CIDR notation, which allows the following variations: • aaa.bbb.ccc.ddd – a specific IP address, for example, 192.168.0.17; • aaa.bbb.ccc.ddd/mm – subnet address with a specified number and mask, for example, 192.168.0.0/16. Addresses in lists can be delimited by spaces, line feed symbols, commas or semicolons.
  • Page 43 Managing the spam filtration server Service rating means the service reliability from the viewpoint of filtration server administrator. While checking a sender's IP address in DNSBL, Kaspersky Anti- Spam sends a request to all services included in the list. As soon as the results arrive, it sums up the ratings of services, which have recognized the specified IP address as one used for dispatch of unsolicited mail.
  • Page 44: Managing The List Of Protected Domains

    Kaspersky Anti-Spam 3.0 4.3.4. Managing the list of protected domains The list of protected domains contains the names of domains receiving traffic, which will be filtered from spam that may appear in the stream of incoming messages. manage list using page Policies →...
  • Page 45: Group Management

    Managing the spam filtration server For domains added to the protected list the product will control compliance with the license limitations (e.g., control of mail traffic volume if the license uses a restriction of that parameter). You can also enter changes to the list of protected domains locally from the command line.
  • Page 46 Kaspersky Anti-Spam 3.0 Let us examine closely each of these tasks: In order to open the group properties' editor, Click the button to the right of the title indicating the group, which you wish to modify. Figure 13. The list of groups used by Kaspersky Anti-Spam The group properties' editor allows you to configure: •...
  • Page 47 Managing the spam filtration server The Group Id field contains group identifier assigned to it at creation. That parameter cannot be changed. Text entered in the Comments field will be displayed in the group list under the name of the created group. E-mail addresses are recorded in format identical to the format of addresses in black and white lists of senders (see section 4.3.2 on page 40).
  • Page 48: Managing The Group Filtration Policy

    Kaspersky Anti-Spam 3.0 4.3.6. Managing the group filtration policy You can specify individual settings of spam recognition parameters and black and white lists of senders for each of the groups, including All. Thus, the administrator can define various recognition rules for different user groups. By default, the settings of the recognition rules for every group inherit the values specified in the default filtration policy.
  • Page 49: Actions Over Messages

    Managing the spam filtration server As you can see in the image, the group inherits all default policy settings (set to by default) except for the DNS & SPF Checks parameter. The said method is disabled. You can create black and white lists of senders using the White List and Black List links in the Group Policy menu.
  • Page 50 Kaspersky Anti-Spam 3.0 • Delete this message – mail server accepts a message and deletes it without redirection to the recipient. Message sender then will receive no notifications informing that the delivery was impossible. Figure 16. The Actions page of a group filtration policy Messages with the Not detected status (i.e.
  • Page 51: Updating The Content Filtration Databases

    Managing the spam filtration server Although the product is being constantly developed in order to improve spam recognition and decrease the number of false alarms from the filter, it is not possible to eliminate altogether the probability of recognizing normal messages as spam.
  • Page 52 Kaspersky Anti-Spam 3.0 Figure 17. The settings of Kaspersky Anti-Spam updater module The Updater Settings sections contains general updating parameters: • Run updater automatically – the interval between downloads of updates to the content filtration databases from update servers. The interval can be specified within the range from 20 minutes to 3 hours.
  • Page 53 Managing the spam filtration server • Updater log level – parameter that defines the level of details logged to a report file during an update. The following levels of details are available: • fatal – the program logs messages about fatal errors only; •...
  • Page 54: Initiating An Update

    Kaspersky Anti-Spam 3.0 • an FTP server. Record format: ftp://<server address>; • a local directory. Record format: /<directory path>/. The use of a local directory as a source of updates allows you to arrange updating of several servers in a large network from a single source.
  • Page 55: Configuring The Spam Filtration Server

    Managing the spam filtration server you need to configure the task running the update script manually, perform the following steps: Use the following command to edit the cron task file for the mailflt3 user: # crontab –u mailflt3 –e Add to the task file, for example, the following line: */20 * * * * /usr/local/ap-mailfilter3/bin/ \ sfupdates -q Before you configure automatic launch of updates, make sure that the mailflt3...
  • Page 56: Common Filtration Server Parameters

    Kaspersky Anti-Spam 3.0 4.5.1. Common filtration server parameters Common parameters of the filtration server can be found in the Settings → Anti- Spam Engine → Common page (see Fig. 18) that includes: • Syslog facility – system log facility that will be used to record the messages from the components of Kaspersky Anti-Spam.
  • Page 57: Parameters Of The Filtration Master Process

    Managing the spam filtration server FreeBSD for the mail facility decreases the level of details even if the Verbose level parameter has been assigned the more debug value. The more debug level of details causes additional load on the server and may decrease its performance.
  • Page 58: Parameters Of The Filtering Processes

    Kaspersky Anti-Spam 3.0 Figure 19. Parameters of the filtration master process 4.5.3. Parameters of the filtering processes The Settings → Anti-Spam Engine → Filtration Process page (see Fig. 20) contains the parameters of the ap-mailfilter filtering processes: • Max. number of mail messages to be processed – maximum number of mail messages that a single filtering process can serve.
  • Page 59: Spam Recognition Parameters

    Managing the spam filtration server • Exit delay (in seconds) – maximum duration (seconds) of the delay before termination of a filtering process after it receives a command to stop. By default, the parameter is set to 0. It means that after arrival of a respective command all filtering processes terminate immediately after processing of the current message.
  • Page 60 Kaspersky Anti-Spam 3.0 • Overall timeout of all DNS requests (in seconds) – time interval (seconds) during which the application will wait for a response from DNS server while running its DNS-based checks. Default value: 10. • Check MS Word and RTF files – parameter that enables / disables the analysis of text attachments in Word Document (doc) and RTF formats.
  • Page 61: Client Module Settings

    Managing the spam filtration server 4.5.5. Client module settings The Settings → Anti-Spam Engine → MTA Clients page (see Fig. 22) contains the settings for the client plug-in modules responsible for interaction between the e-mail server and the anti-spam engine: •...
  • Page 62: Notifications About Rejected Messages

    Kaspersky Anti-Spam 3.0 Figure 22. The settings of client modules 4.5.6. Notifications about rejected messages If the Reject this message action has been specified as the action over messages with a specific status, filtration server will not route such messages to their original recipients.
  • Page 63: Control Center Settings

    Managing the spam filtration server Client: >>> Client: >>> Message text ... Client: >>> Client: . Server: 550 The message is rejected by spam filtering engine. Client: QUIT Server: 221 Bye... Anti-spam engine will only use Reject messages when message delivery to all of the specified recipients is forbidden according to the scanning results.
  • Page 64: Managing The License Keys

    Kaspersky Anti-Spam 3.0 • Specify the address where the monitoring system will send its messages and the messages about errors that have occurred during execution of scripts by the cron service (the Send alerts to parameter). • Enable / disable monitoring of the kas-thttpd HTTP server activity (the Monitoring of kas-thttpd daemon parameter).
  • Page 65: Viewing The License Information

    Managing the spam filtration server • Updates to Kaspersky Anti-Spam databases. After the license expires, the functionality of the application will still be preserved except for the possibility to update content filtration databases. You will still be able to filter spam, but you will be unable to use the databases issued after your license expiration date.
  • Page 66: Installing A New License Key

    Kaspersky Anti-Spam 3.0 Information in the last two lines allows system administrators to control the compliance with the terms of the purchased license (validity period, specified restrictions). Depending upon the current status, the icon in the left part of the line may look as follows: –...
  • Page 67: License Key Removal

    Managing the spam filtration server 4.7.3. License key removal In order to remove the current and reserve license keys, enter the following in the command line: # /usr/local/ap-mailfilter3/bin/remove-key -a To remove your reserve license key, enter the following in the command line: # /usr/local/ap-mailfilter3/bin/remove-key -r License keys cannot be removed using the interface of Control Center.
  • Page 68 Kaspersky Anti-Spam 3.0 Figure 26. General information about the status of Kaspersky Anti-Spam components The System Information section contains the following information about the server where Kaspersky Anti-Spam is installed: • Host Name – server's name. • System – name, version and architecture type of the operating system being used.
  • Page 69: Detailed Information About The Anti-Spam Engine

    Managing the spam filtration server 4.8.1.1. Detailed information about the Anti- Spam Engine Clicking the Anti-Spam Engine link in the Monitoring menu opens a corresponding page containing detailed information about the status of the filtration server's components (see Fig. 27). Figure 27.
  • Page 70: Detailed Information About The Updater Module

    Kaspersky Anti-Spam 3.0 controls the cron tasks running these scripts for mailflt3 user. Please refer to Appendix A.6 on page 115 for details. The Last Anti-Spam Engine Events section contains a log of messages from the filtration server components appended to the system log (syslog). The messages are arranged in the descending order according to their date;...
  • Page 71: Detailed Information About The Licensing Module

    Managing the spam filtration server The Anti-Spam Updates section in the upper part of the page consists of the following fields: • Automatic Updates – field indicating whether automatic updating of the content filtration databases is enabled. Please see section 4.4.1 on page 51 and Appendix A.6 on page 115 for details about configuration of the script updating the content filtration databases.
  • Page 72: Monitoring System Messages And Reports

    Kaspersky Anti-Spam 3.0 Figure 29. The page for monitoring of the licensing module The Last License Daemon Events section contains a log of messages returned by the product licensing module and appended to the system log (syslog). The messages are arranged in the descending order according to their date; they are supplemented by respective icons indicating the level of message importance.
  • Page 73: Kaspersky Anti-Spam Statistics

    Managing the spam filtration server the problem is not resolved, it will also be included into the report on known issues sent once a day. • Daily reports of known problems – a list of all errors and warnings known at the moment when the report was sent. The product includes into the report both new errors and known issues, which have not been resolved before report generation.
  • Page 74 Kaspersky Anti-Spam 3.0 Figure 30. The Statistics page Each of the pages in the Statistics section contains statistical information for a specific period of time. Links to available pages are located in the Period menu in the right part of the Statistics window: •...
  • Page 75 Managing the spam filtration server On the circular graph the volume of email messages, that have received a similar status as a result of spam recognition, is represented by a segment of a certain color. For the purpose of visualization the segments, which size is insignificant comparing to another segments, are combined in a single segment Other.
  • Page 76: Chapter 5. Unistalling Kaspersky Anti-Spam

    CHAPTER 5. UNISTALLING KASPERSKY ANTI-SPAM To uninstall Kaspersky Anti-Spam, you must be a privileged (root) user. If you are currently logged under a user account with lesser privileges, log on as root. The uninstallation process will automatically stop all the services of Kaspersky Anti-Spam! When you are uninstalling Kaspersky Anti-Spam, the application services will be stopped, and all files and directories created during installation will be deleted.
  • Page 77 Unistalling Kaspersky Anti-Spam Since product integration with Communigate Pro mail server is performed manually, delete from Communigate Pro configuration the settings pertaining to Kaspersky Anti-Spam before you uninstall the product (see section A.2.7 on page 97). If you wish to return the original mail server settings used before Kaspersky Anti- Spam installation without removing it, use the MTA-unconfig.pl script located in the /usr/local/ap-mailfilter3/bin directory.
  • Page 78: Chapter 6. Frequently Asked Questions

    CHAPTER 6. FREQUENTLY ASKED QUESTIONS This chapter is devoted to questions most frequently asked by users regarding the installation, setup, and operation of the application. A regularly updated Knowledge Database containing answers to most frequent questions available site Kaspersky http://support.kaspersky.com/anti_spam3. You can also use it to find answers to questions that are not mentioned below.
  • Page 79 Frequently asked questions Question: The application does not work. What should I do? If you have encountered a problem while using the application, first of all, please make sure that the solution to this problem is not described in this document particular, this...
  • Page 80 Kaspersky Anti-Spam 3.0 In the next window of the web form enter your contact information, type the code of protection against automatic registration and click the Submit button. Experts at the Technical Support service will carefully examine your problem and help you as soon as possible. Question: How can I make sure that Kaspersky Anti-Spam actually filters spam messages? In order to check filtering, you can use the GTUBE (Generic Test for...
  • Page 81 Frequently asked questions Question: Kaspersky Anti-Spam does not filter spam. Processed messages contain the following header: X-SpamTest-Info: No License This problem is caused by expired license or absence of an installed license key. Make sure that the license key is installed and it has not expired.
  • Page 82: Appendix A. Additional Information On Kaspersky Anti-Spam

    APPENDIX A. ADDITIONAL INFORMATION ON KASPERSKY ANTI-SPAM A.1. Location of product files in the file system After the installation of Kaspersky Anti-Spam, the distribution files will be saved to the following locations: /usr/local/ap-mailfilter3/ – the main directory where the product is installed. It includes: •...
  • Page 83: Client Modules For Mail Servers

    Appendix A • stat/ – the directory containing data files of log processing and statistics gathering system; • tmp/ – the directory that stores temporary files of the Control Center; • www/ – cgi-scripts and graphic files used by the Control Center’s web interface.
  • Page 84: Global Settings Of Client Modules

    Kaspersky Anti-Spam 3.0 1. The client module receives a mail message from the mail server and sends a request for connection to the filtering server. 2. The master process selects an already running filtering process or creates a new one, and establishes a connection between the client module and the given filtering process.
  • Page 85: Kas-Milter - A Client Module For The Sendmail Mail Server

    Appendix A • tempfail – temporarily reject a message and return the error code 4xx during SMTP session (used by default); • accept – accept the message. When using Sendmail mail server, accept denotes that a message should be accepted without further processing by other Milter-filters employed by the server after Kaspersky Anti-Spam.
  • Page 86 Kaspersky Anti-Spam 3.0 Manual configuration of the client module is done by editing the filter.conf configuration file located in the /usr/local/ap-mailfilter3/etc/ directory. The following is a fragment of this file containing the client module settings: ClientConnectTo tcp:127.0.0.1:2277 ClientConnectTimeout 10 ClientDataTimeout 30 SendMailAddress unix:/var/run/kas-milter.socket ClientOnError accept ClientFilteringSizeLimit 500...
  • Page 87: Kas-Pipe - A Client Module For The Postfix And Exim Mail Servers

    Appendix A and the rules defined for the managers group state that all messages with Not Detected status should be accepted. As a result, the mail message with [!! SPAM] tag in the subject line is delivered to the both recipients.
  • Page 88 Kaspersky Anti-Spam 3.0 Figure 32. The kas-pipe module usage scheme This scheme can be implemented with any mail server that either supports running a second instance with different settings, or delivers via LMTP protocol, or delivers all mail to the specified mail server through SMTP. Configuration of client module interaction with mail server can be performed with special scripts (see the item 3.5 on page 27), and manually.
  • Page 89 Appendix A • PipeOutgoingAddr – socket address used for transfer of processed messages. An entry in the format tcp:<host>:<port>, where <host> – filtering server’s IP address, <port> – connection port, points to a network socket. and entry in format unix:<path_to_file>, where <path_to_file> – the path to socket file, points to a local socket.
  • Page 90 Kaspersky Anti-Spam 3.0 A.2.4.1. Configuring Postfix to work with kas- pipe This section provides an example of the kas-pipe configuration for the Postfix mail server that implements the following operational scheme: • kas-pipe acts as a content filter (content_filter); • kas-pipe receives mail through the localhost:9026 network socket and the kas3scan service defined manually in the Postfix configuration file;...
  • Page 91 Appendix A user=mailflt3 argv=/usr/local/ap-mailfilter3/bin/ kas-pipe 127.0.0.1:9025 inet smtpd -o smtpd_authorized_xforward_hosts=127.0.0.0/8 -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions= permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=no -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o receive_override_options= no_address_mappings kas3scan unix smtp -o smtp_send_xforward_command=yes ### KASPERSKY ANTI-SPAM END ###...
  • Page 92 Kaspersky Anti-Spam 3.0 The kas-pipe client module integrated into Exim processes mail messages according to the following scheme: 1. Exim receives incoming messages at port 25 and places them to a queue. 2. Exim selects a message from the queue and tries each router in the list to determine the exact router for the selected message.
  • Page 93 Appendix A For the Debian distribution package, the integration with Exim has a number of specific features because the configuration of the mail server is generated by a special script update-exim4.conf from template /etc/exim4/exim4.conf.template or from several templates located in the /etc/exim4/conf.d/ directory.
  • Page 94: Kas-Exim - A Client Module For The Exim Mail Server

    Kaspersky Anti-Spam 3.0 kas-exim A.2.5. – a client module for the Exim mail server The kas-exim module provides integration of Kaspersky Anti-Spam with the Exim mail server version 4.xx using localscan API. The kas-exim module is used as an alternative solution. For a standard installation, integration with Exim is implemented using the kas-pipe client module.
  • Page 95 Appendix A This fragment contains the following options: • kas_connect_to – address of the socket for interacting with the filtering server. The address format is tcp:<host>:<port>, where <host> is the IP-address of the filtering server, <port> is a port specifying the network socket;...
  • Page 96: Kas-Qmail - Client Module For The Qmail Mail Server

    Kaspersky Anti-Spam 3.0 kas-qmail A.2.6. – client module for the Qmail mail server The kas-qmail module provides integration of Kaspersky Anti-Spam with the Qmail mail server. When this module is used, the mail traffic is processed using the following algorithm: The qmail-queue module of Qmail is replaced with the kas-qmail client module, which transfers incoming mail to the filtering server for further processing.
  • Page 97: Kas-Cgpro - A Client Module For The Communigate Pro Mail Server

    Appendix A In addition to the options provided in Appendix A.2.2, this file contains the QmailOriginalQueue option that specified the full path to the original qmail- queue module. To configure Qmail to work with the kas-qmail client module, do the following: Rename the original file of the qmail-queue module using the following command: # mv /var/qmail/bin/qmail-queue...
  • Page 98 Kaspersky Anti-Spam 3.0 Below is a fragment of the filter.conf file that contains settings of the client module: ClientConnectTo tcp:127.0.0.1:2277 ClientConnectTimeout 10 ClientDataTimeout 30 CGProSubmittedFolder Submitted CGProMaxThreadCount 50 CGProLoopHeader X-Proceed_240578_by_spamtest CGProAllTransports No ClientFilteringSizeLimit 500 ClientDefaultDomain localhost In addition to the options described in Appendix A.2.2, the following additional options are used to configure kas-cgpro: •...
  • Page 99: Kaspersky Anti-Spam Configuration Files

    Appendix A Data: Message Size Operation: less than Parameter: 512000 Action: external filter Parameters: kas-cgpro Specific features of using kas-cgpro with Communigate Pro: • During an SMTP session, the kas-cgpro client module cannot reject an incoming message for which the reject this message action is specified. Instead, Communigate Pro sends a bounce message to the sender that the message cannot be delivered to the recipient.
  • Page 100: Main Configuration File Filter.conf

    Kaspersky Anti-Spam 3.0 filter.conf A.3.1. Main configuration file The configuration file /usr/local/ap-mailfilter3/etc/filter.conf contains that regulate operation of all Kaspersky Anti-Spam components (excluding the updating module). General settings: • RootPath – path to the Kaspersky Anti-Spam installation directory. The default value is /usr/local/ap-mailfilter3. •...
  • Page 101 Appendix A • ServerSpareFilters – minimum number of idle filtering processes (not processing messages). If the number of processes exceeds the specified limit, the idle processes are forcedly ended. The default value is 0. The ServerSpareFilters value must not exceed the ServerMaxFilters parameter.
  • Page 102 Kaspersky Anti-Spam 3.0 • FilterSPFDataTimeout=1..10 – timeout (in seconds) for read / write operations for the interaction socket used by the filtering process with the SPF daemon. The default value is 1. • FilterDNSTimeout=1...60 – timeout (in seconds) for performing all possible checks using DNS.
  • Page 103 Appendix A • LicenseIdleTimeout=1...100 – maximum time (in seconds), during which the licensing module can maintain connection with an idle filtering process that sends no data. After this timeout is over and if no requests are received from the filtering process, the connection is terminated. The default value is 30.
  • Page 104: Configuration File Kas-Thttpd.conf

    Kaspersky Anti-Spam 3.0 • reject – reject the message and return the 5xx code during an SMTP session; • tempfail – temporarily reject the message and return the 4xx code during an SMTP session (used by default); • accept – accept the message. •...
  • Page 105: Kaspersky Anti-Spam Utilities

    Appendix A This file has the following options: • user – the rights of this user are used to run Management Center scripts. It is better not to change the default value of mailflt3, because this might result in incorrect system behavior. •...
  • Page 106: Kas-Show-License

    Kaspersky Anti-Spam 3.0 • –с – option that specifies that it is necessary to create a new file with passwords. If the value for this option is not set, the password_file option should be set to an existing file. • –h –...
  • Page 107: Remove-Key

    Appendix A • –v – instruction to provide more verbose information in the messages output to the console in comparison with the default level. • –V <details_level> – instruction to use the specified level of details for the messages output to the console. Possible values: 1...10. •...
  • Page 108: Kas-Restart

    Kaspersky Anti-Spam 3.0 • –l – instruction to use higher level of details for messages added to system log in comparison with the default level; • –L <details_level> – – instruction to use the specified level of details for the messages added to system log. Possible values: 1...10; •...
  • Page 109: Mkprofiles

    Appendix A • –q – enables “silent” mode, when only error messages and warning are output to the screen; • –d – displays a detailed report about the operations performed by the utility; • –v – instruction to provide more verbose information in the messages output to the console in comparison with the default level;...
  • Page 110: Sfmonitoring

    Kaspersky Anti-Spam 3.0 • –l <log_file> – saves the report about actions performed by the utility to the file defined by the log_file parameter. • –q – enables “silent” mode, when only error messages and warning are output to the screen. •...
  • Page 111 Appendix A # /usr/local/ap-mailfilter3/bin/sfupdates \ [-c <configuration_file>] [-f] [-k <kas-conf_script>] [-s]\ [-q] [-v] [-d] [-V <details_level>] [-l]\ [-L < details_level >] [-h] Command line options: • –c <configuration_file> – redefines the path to the filter.conf configuration file. If filter.conf is located in a directory other than the default, specify a complete path to the filter.conf file as a value for the configuration_file parameter.
  • Page 112: Special Headers Of The Filtering Module

    Kaspersky Anti-Spam 3.0 A.5. Special headers of the filtering module During processing email messages, Kaspersky Anti-Spam adds the following headers to processed messages: • X-Spamtest-Version – header that contains information about the version of the Kaspersky Anti-Spam distribution package. • X-Spamtest-Status X-Spamtest-Status-Extended –...
  • Page 113 Appendix A Header Meaning Description blacklisted sender this message is in the black list of senders. spam Message is classified as spam. probable_spam Message is classified as probably spam. formal Message is classified as a formal response of the mail server. not_detected Message is not classified either...
  • Page 114 Kaspersky Anti-Spam 3.0 • X-SpamTest-Method – header that contains the names of methods whose results were used to assign the status to a message. Possible meanings of this header are listed in the table below. Meaning Method Filtering by the white list of IP white ip list addresses.
  • Page 115: Configuration Using Cron Service

    Appendix A Meaning Method the status. No one of these methods allows to None classify the message. Such messages receive the Not detected status. A.6. Configuration using cron service Successful operation of Kaspersky Anti-Spam requires that you run a set of scripts using the cron service for the mailflt3 user.
  • Page 116 Kaspersky Anti-Spam 3.0 Startup command: /usr/local/ap-mailfilter3/control/bin/dologs.sh –q Recommended startup frequency: once a minute. • Script for updating statistic diagrams. This script creates diagrams for the statistics of processed messages. The diagrams are displayed in the Statistics section of the Management Center.
  • Page 117 Appendix A • Add a list of paths to the main system utilities, including the sendmail utility, as the value of the PATH variable. The default value is /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin. • Specify the address to which messages about script execution will be sent.
  • Page 118: Appendix B. How To Send Spam Messages To Spam Analysts

    APPENDIX B. HOW TO SEND SPAM MESSAGES TO SPAM ANALYSTS Kaspersky Lab thanks all users who send new examples of spam messages to the group of our spam analysts. These spam messages help us respond faster to new methods of spam distribution and block them as early as they appear. You can also send us examples of messages that were erroneously recognized as spam.
  • Page 119 Appendix B the selected messages as the attachments to the new message. To forward spam using The Bat! Mail client, do the following: • If you want to manually forward a message, select one or several spam messages and click Alternative Forward. This command is located in the Specials menu on the toolbar.
  • Page 120: Appendix C. Kaspersky Lab

    APPENDIX C. KASPERSKY LAB Founded in 1997, Kaspersky Lab has become a recognized leader in information security technologies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect computers and networks against all types of malicious programs, unsolicited and unwanted e- mail messages, and hacker attacks.
  • Page 121: Other Kaspersky Lab Products

    Appendix C C.1. Other Kaspersky Lab Products Kaspersky Lab News Agent The News Agent is intended for timely delivery of news published by Kaspersky Lab, notifications about the current status of virus activity, and fresh news. The program reads the list of available news feeds and their content from the Kaspersky Lab news server at specified intervals.
  • Page 122 Kaspersky Anti-Spam 3.0 • Select standard/extended databases for scanning • Save a report on the scanning results in .txt or .html formats ® Kaspersky Anti-Virus Kaspersky Anti-Virus 6.0 is designed to safeguard personal computers against malicious software as an optimal combination of conventional methods of anti- virus protection and new proactive technologies.
  • Page 123 Appendix C The anti-virus protection features include: • Anti-virus scanning of e-mail traffic on the level of data transmission protocol (POP3, IMAP and NNTP for incoming mail and SMTP for outgoing messages), regardless of the mail client being used. The program includes plug-ins for popular e-mail clients (such as Microsoft Office Outlook, Microsoft Outlook Express/Windows Mail, and The Bat!) and supports disinfection of their e-mail databases.
  • Page 124 Kaspersky Anti-Spam 3.0 Kaspersky Anti-Virus Mobile ® Kaspersky Anti-Virus Mobile provides antivirus protection for mobile devices running Symbian OS and Microsoft Windows Mobile. The program provides comprehensive virus scanning, including: • On-demand scans of the mobile device's onboard memory, memory cards, an individual folder, or a specific file;...
  • Page 125 Appendix C • Remote administration of the software package, including centralized installation, configuration, and administration; • Saving backup copies of infected and deleted objects in case you need to restore them; • Quarantining suspicious objects; • Send notifications on events in program operation to the system administrator;...
  • Page 126 Kaspersky Anti-Spam 3.0 • Remote administration of the software package, including centralized installation, configuration, and administration; ® • Support for Cisco NAC (Network Admission Control); • Scanning of e-mail and Internet traffic in real time; • Blocking of popup windows and banner ads when on the Internet;...
  • Page 127 Appendix C • Proactive Defense for workstations from new malicious programs whose signatures are not yet added to the database; • Scanning of e-mail and Internet traffic in real time; • Personal Firewall with intrusion detection system and network attack warnings; •...
  • Page 128 Kaspersky Anti-Spam 3.0 • Secure operation while using Wi-Fi networks; • Scans Internet traffic in real time; • Rollback for malicious system modifications; • Dynamic resource redistribution during complete system scans; • Quarantining suspicious objects; • An extensive reporting system on protection system status; •...
  • Page 129 Appendix C • Filters Internet traffic using a trusted server list, object types, and user groups; • iSwift technology to avoid rescanning files within the network; • Dynamic resource redistribution during complete system scans; • Personal Firewall with intrusion detection system and network attack warnings;...
  • Page 130 Kaspersky Anti-Spam 3.0 • Processes e-mails, databases, other objects Lotus Notes/Domino servers; • Filters e-mails by attachment type; • Quarantines suspicious objects; • Easy-to-use administration system for the program; • Prevents virus outbreaks; • Monitors protection system status using notifications; •...
  • Page 131: Contact Us

    Appendix C ® Kaspersky Anti-Spam ® Kaspersky Anti-Spam is a cutting-edge software suite designed to help organizations with small- and medium-sized networks wage war against the onslaught of unsolicited e-mail messages (spam). The product combines the revolutionary technology of linguistic analysis with modern methods of e-mail filtration, including DNS Black Lists and formal letter features.
  • Page 132: Appendix D. Third Party Software

    APPENDIX D. THIRD PARTY SOFTWARE In the process of development of Kaspersky Anti-Spam 3.0, the following third party software was used: Berkeley DB 1.85 library can be used on the following terms and conditions: Copyright (c) 1990, 1993, 1994 The Regents of the University of California. All rights reserved.
  • Page 133 Appendix D libjpeg 6b library can be used on the following terms and conditions: LEGAL ISSUES ============ In plain English: We don't promise that this software works. (But if you find any bugs, please let us know!) You can use this software for whatever you want. You don't have to pay us. You may not pretend that you wrote this software.
  • Page 134 Kaspersky Anti-Spam 3.0 We specifically permit and encourage the use of this software as the basis of commercial products, provided that all warranty or liability claims are assumed by the product vendor. ansi2knr.c is included in this distribution by permission of L. Peter Deutsch, sole proprietor of its copyright holder, Aladdin Enterprises of Menlo Park, CA.
  • Page 135 Appendix D modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
  • Page 136 Kaspersky Anti-Spam 3.0 thttpd web-server can be used on the following terms and conditions: Copyright 1995,1998,1999,2000,2001 by Jef Poskanzer <jef@acme.com>. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Page 137 Appendix D licenses and copyright statments in these functions if you are using an OS that needs these functions. The two-clause BSD license: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Page 138 Kaspersky Anti-Spam 3.0 Neither the name of the University, Merit Network, nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS"...
  • Page 139 Appendix D THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT LIMITED...
  • Page 140 Kaspersky Anti-Spam 3.0 zlib library can be used on the following terms and conditions: zlib.h -- interface of the 'zlib' general purpose compression library version 1.1.3, July 9th, 1998 Copyright (C) 1995-1998 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.
  • Page 141 Appendix D PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  • Page 142 Kaspersky Anti-Spam 3.0 Redistributions are accompanied by a copy of the Source Code or by an irrevocable offer to provide a copy of the Source Code for up to three years at the cost of materials and delivery. Such redistributions must allow further use, modification, and redistribution of the Source Code under substantially the same terms as this license.
  • Page 143 Appendix D Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY SENDMAIL, INC. AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SENDMAIL, INC., REGENTS...
  • Page 144 Kaspersky Anti-Spam 3.0 The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. written permission, please contact openssl- core@openssl.org. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL"...
  • Page 145 Appendix D Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.
  • Page 146 Kaspersky Anti-Spam 3.0 FreeBSD libc library can be used on the following terms and conditions: Copyright (C) 1992-2005 The FreeBSD Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Page 147 Appendix D THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;...
  • Page 148: Appendix E. License Agreement

    APPENDIX E. LICENSE AGREEMENT End User License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT") LICENSE SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED KASPERSKY ("KASPERSKY LAB"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA THE INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE LEGAL ENTITY) CONSENT TO BE BOUND BY AND BECOME PARTY TO THIS AGREEMENT.
  • Page 149 Appendix E THE RIGHT TO RETURN AND REFUND EXTENDS ONLY TO THE ORIGINAL PURCHASER. All references to "Software" herein shall be deemed to include the software activation key ("Key Identification File") with which you will be provided by Kaspersky Lab as part of the Software. 1.
  • Page 150 Kaspersky Anti-Spam 3.0 1.1.4 You shall not make error corrections to, or otherwise modify, adapt, or translate the Software, nor create derivative works of the Software, nor permit any third party to copy the Software (other than as expressly permitted herein). 1.1.5 You shall not rent, lease or lend the Software to any other person, nor transfer or sub-license your license rights to any other person.
  • Page 151 Appendix E may terminate this Agreement at any point by destroying all copies of the Software and the Documentation. 3. Support. (i) Kaspersky Lab will provide you with the support services ("Support Services") as defined below for a period of one year following: (a) Payment of its then current support charge, and: (b) Successful completion of the Support Services Subscription Form as provided to you with this Agreement or as available on the Kaspersky Lab...
  • Page 152 Kaspersky Anti-Spam 3.0 information, but without limitation to the foregoing shall use best endeavours to maintain the security of the Key Identification File. 6. Limited Warranty. (i) Kaspersky Lab warrants that for six (6) months from first download or installation the Software purchased on a physical medium will perform substantially in accordance with the functionality described in the Documentation when operated properly and in the manner specified in the Documentation.
  • Page 153 Appendix E (a) Loss of revenue; (b) Loss of actual or anticipated profits (including for loss of profits on contracts); (c) Loss of the use of money; (d) Loss of anticipated savings; (e) Loss of business; (f) Loss of opportunity; (g) Loss of goodwill;...

Table of Contents