KASPERSKY LAB Kaspersky® Anti-Spam 3.
KASPERSKY® ANTI-SPAM 3.0 Administrator's Guide © Kaspersky Lab http://www.kaspersky.
Contents CHAPTER 1. KASPERSKY ANTI-SPAM 3.0................................................................. 6 1.1. What's new in version 3.0 ..................................................................................... 7 1.2. Licensing policy ..................................................................................................... 8 1.3. Hardware and software requirements .................................................................. 9 1.4. Distribution kit .........................
Kaspersky Anti-Spam 3.0 4.2. Kaspersky Anti-Spam Control Center................................................................. 31 4.3. Filtration policy management .............................................................................. 32 4.3.1. General filtration policy ................................................................................. 33 4.3.1.1. The General section .............................................................................. 34 4.3.1.2.
Contents 5 CHAPTER 5. UNISTALLING KASPERSKY ANTI-SPAM ........................................... 77 CHAPTER 6. FREQUENTLY ASKED QUESTIONS................................................... 79 APPENDIX A. ADDITIONAL INFORMATION ON KASPERSKY ANTISPAM 83 A.1. Location of product files in the file system.......................................................... 83 A.2. Client modules for mail servers .......................................................................... 84 A.2.1.
CHAPTER 1. KASPERSKY ANTISPAM 3.0 Kaspersky® Anti-Spam 3.0 (hereinafter also referred to as Kaspersky AntiSpam or the product) is a software suite filtering e-mail in order to protect mail system users from unsolicited mass mail (spam). Kaspersky Anti-Spam uses administrator-defined rules to process received messages accordingly.
Kaspersky Anti-Spam 3.0 Second, the application employs content filtration, i.e. it analyzes the actual message contents (including the Subject header) and attached files1. The product uses to that effect linguistic algorithms based on comparison with sample messages and search for typical terms (words and word combinations). Kaspersky Anti-Spam also scans attached images comparing them to the signatures of known spam messages.
Kaspersky Anti-Spam 3.0 3. • Added support for the use of Sender Policy Framework (SPF) and Spam URL Realtime Blocklists (SURBL) services. • Included internal Urgent Detection System (UDS), which allows the user to receive information about certain types of spam in real time. An absolutely new user interface. Kaspersky Anti-Spam 3.0 uses Control Center, which allows you to perform the following operations: 4.
Kaspersky Anti-Spam 3.0 • The number of protected mail accounts. • The number of mail systems users. 9 The said limitations will only apply to the messages addressed to the senders within protected domains. The list of protected domains receiving the traffic that the product will filter can be customized in the Control Center (see section 4.3.4 on page 44). E-mail sent to recipients in domains that are not included into the list will not be filtered.
Kaspersky Anti-Spam 3.0 • Installed bzip2 and which utilities. • Perl interpreter. 1.4. Distribution kit You can purchase Kaspersky Anti-Spam either from our dealers (retail box) or online (for example, you may visit http://www.kaspersky.com, and go to E-Store section). The contents of the retail box package include: • Sealed envelope with an installation CD, or set of floppy disks, containing the application files. • Administrator's Guide. • License key written on a special floppy disk.
Kaspersky Anti-Spam 3.0 After purchasing a license you become a registered user and during the license period you can enjoy the following services: • application module and anti-virus database updates; • support on issues related to the installation, configuration and use of the application. Services will be provided by phone or via email; • information about new Kaspersky Lab products.
CHAPTER 2. ARCHITECTURE OF KASPERSKY ANTI-SPAM AND PRINCIPLES OF SPAM FILTERING This section contains descriptions of the main product components and the principles of filtering as well as the Control Center, the main tool for Kaspersky Anti-Spam administration and configuration. 2.1. Product structure Kaspersky Anti-Spam 3.0 is a spam recognition and filtering system functioning as an integral part of an appropriate mail server. Kaspersky Anti-Spam 3.
Architecture of Kaspersky Anti-Spam and principles of spam filtering 13 Figure 1. The architecture of Kaspersky Anti-Spam • Control Center – web-based interface that administrators can use to configure the product, analyze its status and functionality. • Monitoring system – a system that tracks the status of Kaspersky Anti-Spam and its individual components and notifies system administrator about various problems in product operation.
Kaspersky Anti-Spam 3.0 The distribution package of Kaspersky Anti-Spam includes client plug-ins for Sendmail, Postfix, Exim, Qmail and Communigate Pro. As a rule, a client plug-in must be installed as a filter providing for receipt of messages to be analyzed from the mail server and for the subsequent return of modified e-mail. Client plug-in modules are started by their respective mail servers. The sole exception is Sendmail, which does not launch a client plug-in.
Architecture of Kaspersky Anti-Spam and principles of spam filtering 15 • initiation of new filtering processes when there are no available processes left • monitoring the status of running processes • termination of child processes upon an appropriate signal (e.g., SIGHUP). If traffic volume is considerable, the number of running filtration processes can reach several dozens. When the mail server load becomes lower, idle filtering processes will terminate.
Kaspersky Anti-Spam 3.0 3. Filtration server checks messages scanning them for signs of spam and, depending upon the result, modifies them in accordance with the existing rules. 4. Client plug-in module returns processed messages to the mail server for delivery. 2.2. Recognition technology Kaspersky Anti-Spam offers powerful tools for spam detection in e-mail traffic. This section contains a brief overview of spam recognition technologies implemented in the product. 2.2.1.
Architecture of Kaspersky Anti-Spam and principles of spam filtering • HTML (2.0, 3.0, 3.2, 4.0, XHTML 1.0) • Microsoft Word (versions 6.0, 95/97/2000/XP) • RTF. 17 The purpose of spam filtering is to decrease the volume of unwanted messages in the mailboxes of your users. It is impossible to guarantee detection of all spam messages because too strict criteria would inevitably cause filtering of some normal messages as well.
Kaspersky Anti-Spam 3.0 • availability of a DNS record for message sender's IP (reverse DNS lookup); • the presence of the sender's IP address in a DNS-based real time black hole list or lists (DNSBL); • a check of the sender's address for compliance with SPF (Sender Policy Framework) policy for the domain containing the server used to send the message; • a check of addresses and links to sites in message text for the presence in the Spam URL Realtime Blocklists database – www.surbl.org.
Architecture of Kaspersky Anti-Spam and principles of spam filtering 19 A filtration server interacts with UDS servers of Kaspersky Lab via UDP using port 7060 for communication. In order to use UDS, a filtration server must be able to establish outgoing connections through that port. Information about available UDS servers is added to the content filtration databases.
Kaspersky Anti-Spam 3.0 • append a special header to the message • delete message • reject message. System administrator can define which of the listed actions will be performed over messages with a specific status. Preservation of all useful mail must be the top priority for the system administrator because the loss of a single important message may cause more trouble for the end user than receipt of a dozen of spam messages.
Architecture of Kaspersky Anti-Spam and principles of spam filtering 21 Before configuring group policies, the administrator must create groups described by the lists of addresses of message recipients. The product applies its policies in accordance with the following rule: general filtration policy defines the default settings for all groups while group settings may either inherit those values or redefine them.
Kaspersky Anti-Spam 3.0 Figure 2. The Monitoring tab of the Control Center The section contains parameters tracked by the monitoring system and the messages from product modules, which you can use to analyze the current status of Kaspersky Anti-Spam components. The monitoring system also generates notifications and reports while running. The monitoring script starts regularly and sends to system administrator a message informing about detected problems whenever it finds any issues.
CHAPTER 3. INSTALLING KASPERSKY ANTI-SPAM This section contains information about the procedure of program installation, integration of client plug-in modules with the host mail server and configuring access to the Control Center, the main product management tool. 3.1. Preparing for installation Before you proceed with Kaspersky Anti-Spam installation, it is necessary to: • Make sure that your system meets the hardware and software requirements for Kaspersky Anti-Spam (see section 1.3 on page 9).
Kaspersky Anti-Spam 3.0 3.2. Installing Kaspersky Anti-Spam distribution package Kaspersky Anti-Spam 3.0 is distributed in several installation packages: • .rpm package for most versions of the Linux operating system (RedHat, SuSe, Mandrake, Fedora, etc.) • .deb package for Debian Linux distribution • .tgz package for the FreeBSD 4.10 operating system. • .tbz package for the FreeBSD 5.4 operating system.
Installing Kaspersky Anti-Spam • 25 Creation of a сron task for the mailflt3 account to run automatically the script downloading updates to the content filtration databases and the script monitoring the filtration server activity. Having completed the filtration server setup, install the license key and integrate the host mail server with Kaspersky Anti-Spam. 3.3.
Kaspersky Anti-Spam 3.0 Passwords for access to the Control Center are stored in the .htpasswd file in an encrypted form. The interface and port number to be used for connection to the Control Center are specified in the /usr/local/ap-mailfilter3/etc/kas-thttpd.conf file using the host and port parameters respectively. E.g., the following values: host=0.0.0.0 port=3080 mean that the Control Center will listen on port 3080 of all server interfaces expecting incoming connections.
Installing Kaspersky Anti-Spam 27 In order to install a new license key locally using the command line, run the following command: # /usr/local/ap-mailfilter3/bin/install-key where key stands for a path to the file containing the license key. If a license key has not been installed or the installed key is invalid, Kaspersky Anti-Spam will not filter mail. Mail server performance will not be affected; its email traffic will just be transferred without analysis.
Kaspersky Anti-Spam 3.0 # /usr/local/ap-mailfilter3/bin/config-sendmail.pl where path stands for the path to the Sendmail configuration file. • To integrate Kaspersky Anti-Spam with Postfix, run the following command as root: # /usr/local/ap-mailfilter3/bin/config-postfix.pl where path stands for the path to the master.cf Postfix configuration file. • To integrate Kaspersky Anti-Spam with Exim, run the following command as root: # /usr/local/ap-mailfilter3/bin/config-exim.
Installing Kaspersky Anti-Spam 29 3.6. Configuring updates of content filtration databases and UDS use By default after installation of Kaspersky Anti-Spam updates to the content filtration databases and UDS are disabled. In order to allow updating of the databases and activate UDS, run the enable-updates.sh script: # /usr/local/ap-mailfilter3/bin/enable-updates.sh Restarting as mailflt3 Enabling UDS... uds-rtts finished successfully Enabling automatic updates...
CHAPTER 4. MANAGING THE SPAM FILTRATION SERVER You can use Kaspersky Anti-Spam to protect e-mail traffic from unwanted spam mail. The system of protection is based on performance of tasks representing the main features of the application. The tasks performed by Kaspersky Anti-Spam can be subdivided into three main groups: • Mail traffic protection against spam. • Updates of the content filtration databases used for spam detection. • Monitoring of the anti-spam engine activity.
Managing the spam filtration server 31 The kas-thttpd service providing access to the Control Center of Kaspersky AntiSpam is started by the kas3-control-center script (in Linux) and kas3-controlcenter.sh script (in FreeBSD). To start, stop or restart the kas-thttpd service, use the script with the command line parameters described above for the kas3 script. 4.2. Kaspersky Anti-Spam Control Center Control Center is the main administration tool for Kaspersky Anti-Spam.
Kaspersky Anti-Spam 3.0 • Settings – the section containing the settings of the anti-spam engine, Control Center, and the subsystem updating the content filtration databases. • License – the section used to manage the licenses for Kaspersky AntiSpam and register users authorized to administer the product. The left part of the main window displays a menu containing the list of pages in the current section. Menu content will change depending upon the currently selected section.
Managing the spam filtration server 33 The parameters of group policies can be configured in the group policy editor. You can launch the editor from the Group list window. The Rebuild All Policies link in the Build menu can be used to force the compilation of filtering policies (reading and application of configuration settings). A forced compilation may be necessary, for example, to update the settings of a filtration policy if the application has read them incorrectly. 4.3.1.
Kaspersky Anti-Spam 3.0 • the number of modified rules compared with the original settings of the content filtration databases. To the right of the description of each section there is a button opening the editor for the rules of that section: . The button is highlighted in orange for the sections containing modified rules. Clicking the button opens a page where you can edit the filtration policy. Policy editor can also be invoked by clicking the functional section's title.
Managing the spam filtration server 35 Trusted status (please refer to section 2.3 on page 19 for details on statuses). You are not advised to disable spam recognition on the common policy level. The feature may be useful during product testing and in cases, when you need to filter spam for a few user groups only. • Detection Level defines how strictly the application approaches spam recognition.
Kaspersky Anti-Spam 3.0 DNS and DNS-based checks may result in considerably slower message processing. Disable the method if its use reduces filter performance noticeably. This parameter determines the use of DNS services by the filtration server. Individual services can be enabled / disabled in the DNS & SPF Checks section (see section 4.3.1.2 on page 36). Please see section 4.3.3 on page 42 for details on the configuration of DNSBL services and their use. • SURBL Check – use of the SURBL service.
Managing the spam filtration server • 37 Check SPF Records – sender's IP address check using SPF. Figure 6. The DNS & SPF Checks section 4.3.1.3. The Headers Checks section The Headers Checks section (see Fig. 7) allows you to configure the parameters of rules used to analyze e-mail message headers. Figure 7.
Kaspersky Anti-Spam 3.0 This section does not contain a complete list of all rules that Kaspersky AntiSpam uses for analysis of message headers. Instead, it contains just the rules, which, being applied, may filter out useful mail with certain known signs of spam. These signs include: • Undisclosed list of recipients in TO – the presence of an undisclosed list of recipients in the TO header. • Digits mixed with letters in TO or FROM headers.
Managing the spam filtration server 39 4.3.1.4. The Eastern Encodings section The Eastern Encodings section (see Fig. 8) allows you to specify the languages and encodings of messages allowed for delivery to the recipients within your mail system without being considered spam. Figure 8. The Eastern Encodings section of the default filtration policy rules This product version recognizes a group of oriental languages for the purpose of spam control: Chinese, Korean, Thai, and Japanese.
Kaspersky Anti-Spam 3.0 Figure 9. The Obscene Content section of the default filtration policy rules If the Message with obscene words and phrases parameter is set to mark in Subject, then all messages containing obscene language will be marked with the [--Obscene--] record in the message subject. 4.3.2. Managing the white and black lists The list of trusted senders (White List) is used to specify explicitly the addresses acting as a reliable source of messages, which do not need a spam check.
Managing the spam filtration server 41 Figure 10. Configuration page for the white list A list of trusted senders consists of a list of e-mail addresses and a list of IP addresses. You can enter the addresses in a text field in the central part of the page. The e-mails | ip addresses switch is used to select the type of records in a white list. The Apply button saves entered information. To cancel unsaved changes, use the Reset button. Save your changes before using the e-mails | ip addresses toggle.
Kaspersky Anti-Spam 3.0 IP addresses are recorded in the CIDR notation, which allows the following variations: • aaa.bbb.ccc.ddd – a specific IP address, for example, 192.168.0.17; • aaa.bbb.ccc.ddd/mm – subnet address with a specified number and mask, for example, 192.168.0.0/16. Addresses in lists can be delimited by spaces, line feed symbols, commas or semicolons. 4.3.3.
Managing the spam filtration server 43 Service rating means the service reliability from the viewpoint of filtration server administrator. While checking a sender's IP address in DNSBL, Kaspersky AntiSpam sends a request to all services included in the list. As soon as the results arrive, it sums up the ratings of services, which have recognized the specified IP address as one used for dispatch of unsolicited mail.
Kaspersky Anti-Spam 3.0 4.3.4. Managing the list of protected domains The list of protected domains contains the names of domains receiving traffic, which will be filtered from spam that may appear in the stream of incoming messages. You can manage the list using the page at Policies → Common → Protected Domains (see Fig. 12). Figure 12. The list of protected domains You can use wildcards while entering domain names: * stands for any number of characters, ? stands for any single character. E.g.
Managing the spam filtration server 45 For domains added to the protected list the product will control compliance with the license limitations (e.g., control of mail traffic volume if the license uses a restriction of that parameter). You can also enter changes to the list of protected domains locally from the command line. The original list of domains is stored in the protected_domains text file located in the /usr/local/ap-mailfilter3/conf directory.
Kaspersky Anti-Spam 3.0 Let us examine closely each of these tasks: In order to open the group properties' editor, Click the button to the right of the title indicating the group, which you wish to modify. Figure 13. The list of groups used by Kaspersky Anti-Spam The group properties' editor allows you to configure: • General group parameters, such as group name, comments and a list of mail addresses for which group rules will apply. • Rules of spam recognition.
Managing the spam filtration server 47 In order to create a new group, perform the following actions: 1. Click the button about the group list. 2. Use the window that opens next (see Fig. 14) to specify the group name, enter comments (if necessary) and a list of e-mail addresses. Figure 14. The page for creation of a new group The Group Id field contains group identifier assigned to it at creation. That parameter cannot be changed.
Kaspersky Anti-Spam 3.0 In order to delete an existing group, Click the button to the right of the group name. In order to change the order of group listing, Click the button to the left of group name. The selected group will be moved up then. During message processing, the filtration module reviews groups in the order defined in their list (from the list beginning to end). A message will be processed using the rules of the first group including the address of its recipient.
Managing the spam filtration server 49 Figure 15. The Rules page of a group filtration policy As you can see in the image, the group inherits all default policy settings (set to by default) except for the DNS & SPF Checks parameter. The said method is disabled. You can create black and white lists of senders using the White List and Black List links in the Group Policy menu. Configuration of these lists for individual groups is identical to that for the default filtration policy (see section 4.3.
Kaspersky Anti-Spam 3.0 You can define the necessary action using the drop-down list under the header that describes message status. The administrator can select the following actions: • Accept this message – mail server accepts a message and delivers it to the recipient. • Send a copy of this message to other recipient(s) – mail server accepts a message, delivers it to the recipient and sends a copy thereof to the address specified in the Send message to field.
Managing the spam filtration server 51 Figure 16. The Actions page of a group filtration policy Kaspersky Anti-Spam allows the following message modifications: • Addition of a label to the message subject field (at the beginning of subject text). The Prepend to the Subject field defines the label text. • Addition of a special X-Spamtest-Header containing text specified by the administrator. The header may be used then for automatic processing of such messages in e-mail software employed by end users.
Kaspersky Anti-Spam 3.0 section A.5 on page 112 for details about the headers added to a mail message as a result of filtration procedure. 4.4. Updating the content filtration databases Content filtration databases used during analysis of mail message contents are updated by sfupdates, a special updater module. It can use the Internet (an update server of Kaspersky Lab) or a network directory as the source of updates to the content filtration databases.
Managing the spam filtration server 53 Figure 17. The settings of Kaspersky Anti-Spam updater module The Updater Settings sections contains general updating parameters: • Run updater automatically – the interval between downloads of updates to the content filtration databases from update servers. The interval can be specified within the range from 20 minutes to 3 hours. You are advised to set as short updating interval as possible.
Kaspersky Anti-Spam 3.0 manually. Please see section 4.4.2 on page 55 for details on manual configuration. • Updater log level – parameter that defines the level of details logged to a report file during an update. The following levels of details are available: • fatal – the program logs messages about fatal errors only. • error – the program logs messages about all errors (fatal and non-fatal). • warning – the program logs warnings and error messages.
Managing the spam filtration server 55 This parameter can be set to any of the following as a source of updates: • a HTTP server. Record format: http:// • an FTP server. Record format: ftp:// • a local directory. Record format: // The use of a local directory as a source of updates allows you to arrange updating of several servers in a large network from a single source.
Kaspersky Anti-Spam 3.0 databases and restart the filtration module to make it work with the new databases. During setup of Kaspersky Anti-Spam the installer by default configures cron to run the updating script every 20 minutes for the mailflt3 user. If for some reason you need to configure the task running the update script manually, perform the following steps: 1. Use the following command to edit the cron task file for the mailflt3 user: # crontab –u mailflt3 –e 2.
Managing the spam filtration server 57 4.5.1. Common filtration server parameters Common parameters of the filtration server can be found in the Settings → AntiSpam Engine → Common page (see Fig. 18) that includes: • Syslog facility – system log facility that will be used to record the messages from the components of Kaspersky Anti-Spam. By default, the product writes messages using the mail facility.
Kaspersky Anti-Spam 3.0 (syslog facility). In particular, the mail.info level specified by default in FreeBSD for the mail facility decreases the level of details even if the Verbose level parameter has been assigned the more debug value. The more debug level of details causes additional load on the server and may decrease its performance. Please use that level only for debugging of application operation.
Managing the spam filtration server 59 Figure 19. Parameters of the filtration master process 4.5.3. Parameters of the filtering processes The Settings → Anti-Spam Engine → Filtration Process page (see Fig. 20) contains the parameters of the ap-mailfilter filtering processes: • Max. number of mail messages to be processed – maximum number of mail messages that a single filtering process can serve.
Kaspersky Anti-Spam 3.0 • Max. idle time (in seconds) – maximum time (seconds) during which a filtering process may remain idle. If a filtering process receives no mail messages for analysis within the specified interval, it discontinues its activity. Default value: 300. • Exit delay (in seconds) – maximum duration (seconds) of the delay before termination of a filtering process after it receives a command to stop. By default, the parameter is set to 0.
Managing the spam filtration server 61 A higher value tells the filtration server to check a greater number of intermediate servers increasing the probability of recognizing spam messages that arrive via several intermediate mail servers. At the same time, it also generates additional load on the filtration server and can lead to filter false positives.
Kaspersky Anti-Spam 3.0 Figure 21. Spam recognition parameters 4.5.5. Client module settings The Settings → Anti-Spam Engine → MTA Clients page (see Fig. 22) contains the settings for the client plug-in modules responsible for interaction between the e-mail server and the anti-spam engine: • Filtering size limit (KB) – maximum size of messages (KB) to be processed by the filtration server. If a message exceeds the specified size, the filtration server will not process it. Default value: 500.
Managing the spam filtration server • 63 generate temporary error – the message will not be delivered. The application will return to the sender a notification about a temporary mail server error. As a rule, in that case the sender's mail server after some time tries again to send the message. • Default domain – name of the mail domain to be substituted into addresses where mail domain is omitted. E.g., if mycompany.
Kaspersky Anti-Spam 3.0 4.5.6. Notifications about rejected messages If the Reject this message action has been specified as the action over messages with a specific status, filtration server will not route such messages to their original recipients. Instead, it returns to message sender a notification informing that mail delivery is impossible. Filtration server uses two types of notifications. The use of messages of a certain type is determined by the product settings and recognition results.
Managing the spam filtration server 65 You can edit the text of these messages on the Settings → AntiSpam Engine → Reject Messages page of the Control Center (see Fig. 23). Figure 23. Reject/bounce message editing page 4.6. Control Center settings The Settings → Maintenance → Control Center page (see Fig.
Kaspersky Anti-Spam 3.0 Figure 24. Control Center settings 4.7. Managing the license keys The opportunity to use Kaspersky Anti-Spam is determined by the availability of a license key. The key is included into the product package and entitles you to use the application since the date of key purchase and installation. Kaspersky Anti-Spam DOES NOT FUNCTION without a license key! All e-mail messages will be transmitted without filtering.
Managing the spam filtration server 67 Control Center can be used to perform all operations related to the management of installed license keys. 4.7.1. Viewing the license information You can view the license information and manage the license keys on the License → License Keys page (see Fig. 25). Figure 25.
Kaspersky Anti-Spam 3.0 – The product functions in close proximity to the restrictions specified in the license or the license will expire within two weeks. – The license has expired or the limitations specified in the license (e.g., the volume of processed mail traffic) have been exceeded. In two latter cases the line will also contain an explanation. Below the informational block you can see a list of installed license keys for Kaspersky Anti-Spam with brief information about each of them. 4.7.2.
Managing the spam filtration server 69 To remove your reserve license key, enter the following in the command line: # /usr/local/ap-mailfilter3/bin/remove-key -r License keys cannot be removed using the interface of Control Center. 4.8.
Kaspersky Anti-Spam 3.0 For each of the monitored components, in addition to the status data, the page may contain information about occurrence of certain events pertaining to that component. Icons next to the title of each parameter serve as additional indicators. Icon view reflects the status of the monitored component: – Error: component failure or an exceeded value specified for the monitored parameter.
Managing the spam filtration server 71 Figure 27. The page for monitoring of the filtration server's core The Anti-Spam Engine section consists of the following fields: • Version – version and build number of the filtration module being used. • ap-process-server – status of filtration master process. During normal process operation the line contains information about process identifier (pid). • ap-mailfilter – status of the filtering processes.
Kaspersky Anti-Spam 3.0 messages, which will be displayed in the log. The drop-down list contains the following values: • All messages – all possible messages will be displayed. • Notices, Warnings and Errors – the page will display all messages except for informational ones. • Warnings and Errors – the page will only display messages about fatal errors and warnings. • Errors only – only messages about fatal errors will be displayed. 4.8.1.2.
Managing the spam filtration server 73 • Anti-Spam Database Id – information about installed content filtration databases: date and time of database release and the time of recent updates. • Last Update – date and time of the last update to the content filtration databases. The monitoring system displays a warning if the databases have not been updated for a long time.
Kaspersky Anti-Spam 3.0 The Monitoring:License section in the upper part of the page consists of the following fields: • Product – name of the installed product. • License – current license and information about its limitations. • Valid till – date when the license will expire. The monitoring system will begin to produce warnings for the administrator one month before the license validity period expires. • License Daemon – status of the licensing service.
Managing the spam filtration server 75 In order to force report delivery, run the following command as root: # su –m mailflt3 -c '/usr/local/ap-mailfilter3/control/ bin/sfmonitoring –m' To output the report to server's console: # su –m mailflt3 -c '/usr/local/ap-mailfilter3/control/ bin/sfmonitoring –p' If Kaspersky Anti-Spam is installed on a server running RedHat, use the following command to start the sfmonitoring, utility: su – –m mailflt3 -c '/usr/local/apmailfilter3/control/bin/sfmonitoring -
Kaspersky Anti-Spam 3.0 Figure 30. The Statistics page Below the table the product displays a graph demonstrating the distribution of volume between detected messages of various types (for the selected period), and a pie chart that illustrates the shares (in percents) of the volume made up by various message types. On the circular gragh the volume of email messages, that have received a similar status as a result of spam recognition, is represented by a segment of a certain color.
CHAPTER 5. UNISTALLING KASPERSKY ANTI-SPAM To uninstall Kaspersky Anti-Spam, you must be a privileged (root) user. If you are currently logged under a user account with lesser privileges, log on as root. The uninstallation process will automatically stop all the services of Kaspersky Anti-Spam! When you are uninstalling Kaspersky Anti-Spam, the application services will be stopped, and all files and directories created during installation will be deleted.
Kaspersky Anti-Spam 3.0 Since product integration with Communigate Pro mail server is performed manually, delete from Communigate Pro configuration the settings pertaining to Kaspersky Anti-Spam before you uninstall the product (see section A.2.7 on page 98). If you wish to return the original mail server settings used before Kaspersky AntiSpam installation without removing it, use the MTA-unconfig.pl script located in the /usr/local/ap-mailfilter3/bin directory.
CHAPTER 6. FREQUENTLY ASKED QUESTIONS This chapter is devoted to questions most frequently asked by users regarding the installation, setup, and operation of the application. Question: Why do I need a license key? Will my application work without it? Kaspersky Anti-Spam will not function without a license key. If you are still undecided whether or not to purchase a licensed copy of the application, we can provide you with a temporary key file (trial key), which will only work for two weeks or for a month.
Kaspersky Anti-Spam 3.0 Question: The application does not work. What should I do? If you have encountered a problem while using the application, first of all, please make sure that the solution to this problem is not described in this document (in particular, in this section) or at the Services/Knowledge base section of the Kaspersky Lab's web site (www.kaspersky.com).
Frequently asked questions • 81 E-mail address that the specialists of our Technical Support service can use to contact you. In the next window of the web form enter your contact information, type the code of protection against automatic registration and click the Submit button. Experts at the Technical Support service will carefully examine your problem and help you as soon as possible.
Kaspersky Anti-Spam 3.0 Question: Kaspersky Anti-Spam does not filter spam. Processed messages contain the following header: X-SpamTest-Info: No License This problem is caused by expired license or absence of an installed license key. Make sure that the license key is installed and it has not expired. Please refer to section 4.7 on page 66 for details on management of license keys. Question: Kaspersky Anti-Spam does not check IPv6 IP addresses obtained from Received headers. Kaspersky Anti-Virus 3.
APPENDIX A. ADDITIONAL INFORMATION ON KASPERSKY ANTI-SPAM A.1. Location of product files in the file system After the installation of Kaspersky Anti-Spam, the distribution files will be saved to the following locations: /usr/local/ap-mailfilter3/ – the main directory where the product is installed.
Kaspersky Anti-Spam 3.0 etc/ – the directory containing Kaspersky Anti-Spam configuration files; lib/ – the runtime libraries; log/ – the directory for storing filtering server’s log, which is used for processing statistics; run/ – the product’s working directory. This directory is also used for storing pid-files of running processes of filtering server; src/ – the directory containing source files of the kas-exim module. A.2.
Chapter 6 4. In accordance with the received processing result the client module modifies the message – if required – and returns it to the mail server. Interaction between the client module, filtering master process and filtering process is done through a network or local socket using an internal protocol. The use of a network socket allows placing the filtering server and the mail server with integrated client module on different servers.
Kaspersky Anti-Spam 3.0 • ClientDefaultDomain – the mail domain name set-up to addresses which have no mail domain specified. Example: if you specify the domain mycompany.com as the default mail domain, then the address someuser will be interpreted as someuser@mycompany.com. If you did not define this parameter, then the domain name substitution is not performed (by default this parameter is not defined).
Chapter 6 ClientFilteringSizeLimit 500 ClientDefaultDomain localhost In addition to the settings described earlier in the appendix A.2.2, for the kasmilter module you can set the SendMailAddress parameter in the filter.conf file, which defines the socket for interaction with Sendmail. To set up Sendmail for interaction with kas-milter, add the following lines to the sendmail.cf configuration file: Xkasfilter,S=local:/var/run/kas-milter.
Kaspersky Anti-Spam 3.0 X-Spamtest-Group-ID: 00000002 X-Spamtest-Group-ID: 00000001 Which indicate that the message was processed in accordance with the rules defined for groups with identifiers 1 and 2 (identifiers of sales and managers groups), and the message was assigned SPAM and Not Detected statuses. For detailed information on the headers, see the item A.5 on page 112.
Chapter 6 89 This scheme can be implemented with any mail server that either supports running a second instance with different settings, or delivers via LMTP protocol, or delivers all mail to the specified mail server through SMTP. Configuration of client module interaction with mail server can be performed with special scripts (see the item 3.5 on page 27), and manually. Manual configuration for a client module is done by modifying the filter.
Kaspersky Anti-Spam 3.0 • PipeOutDataTimeout=5...600 – timeout for transfer of data through a socket or program defined by the PipeOutgoingAddr parameter. • PipeMultipleMessagesAllowed – creation of message copies in cases when filtering results are different for different users. The possible values are yes, no. • PipeUseXForward – support for the XForward command that allows retrieving the IP address of the server from which a message came (only when Postfix is used). Possible values are yes, no.
Chapter 6 The kas3scan service limits the number of simultaneous connections and uses the smtp_send_xforward_command option to transfer the IPaddress of the sender server to the kas-pipe module. To implement this scheme, do the following: 1. In the filter.conf configuration file, specify the following values: ClientConnectTo tcp:127.0.0.1:2277 PipeMultipleMessagesAllowed Yes PipeInProtocol smtp PipeOutProtocol smtp PipeOutgoingAddr tcp:127.0.0.1:9025 PipeUseXForward yes 2.
Kaspersky Anti-Spam 3.0 -o smtpd_recipient_restrictions=permit_mynetworks, reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=no -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 kas3scan unix n 10 smtp -o smtp_send_xforward_command=yes ### KASPERSKY ANTI-SPAM END ### For Postfix version 2.1 and higher, you can configure kas-pipe to act as a proxy filter (smtpd_proxy_filter).
Chapter 6 3. Having processed the message, kas-pipe returns it using the exim –bs command. The message again is queued in the Exim queue. However, the router for the kas-pipe module will be skipped because the mail was sent locally. 4. Exim delivers the message to the recipient. To implement this scheme, do the following: 1. In the filter.conf configuration file, specify the following values: PipeInProtocol lmtp PipeOutProtocol smtp PipeOutgoingAddr exec:/usr/local/sbin/exim -bs 2.
Kaspersky Anti-Spam 3.0 configuration file of Exim. The resulting configuration is stored in the /var/lib/exim4/config.autogenerated file. For the Debian distribution package, Kaspersky Anti-Spam can be integrated with the Exim mail server either manually or automatically, using a special script(see. section. 3.5 on page 27). To configure the Exim mail server to work with the kas-pipe module, do the following: • If the exim4.conf.
Chapter 6 The kas-exim module is used as an alternative solution. For a standard installation, integration with Exim is implemented using the kas-pipe client module. In contrast to kas-pipe, the kas-exim module does not require that the second copy of the mail server be started for transmitting mail messages. To use localscan API, you should recompile Exim. Therefore, the kas-exim module is shipped as a source code written in C and it should be manually installed.
Kaspersky Anti-Spam 3.0 • kas_connect_timeout – maximum time (sec) for establishing a connection with the filtering server. • kas_data_timeout – maximum time (sec) for data exchange sessions with the filtering server. • kas_default_domain – name of the mail domain used in the address if the original domain is not specified. • kas_filtering_size_limit – maximum size (in KB) of a message that can be transferred to the filtering server. Messages of larger sizes are bypassed without processing.
Chapter 6 A.2.6. kas-qmail – client module for the Qmail mail server The kas-qmail module provides integration of Kaspersky Anti-Spam with the Qmail mail server. When this module is used, the mail traffic is processed using the following algorithm: 1. The qmail-queue module of Qmail is replaced with the kas-qmail client module, which transfers incoming mail to the filtering server for further processing. 2.
Kaspersky Anti-Spam 3.0 In addition to the options provided in Appendix A.2.2, this file contains the QmailOriginalQueue option that specified the full path to the original qmailqueue module. To configure Qmail to work with the kas-qmail client module, do the following: 1. Rename the original file of the qmail-queue module using the following command: # mv /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.kas 2.
Chapter 6 options for the Communigate Pro mail server are modified through using the mail server web interface. Below is a fragment of the filter.conf file that contains settings of the client module: ClientConnectTo tcp:127.0.0.
Kaspersky Anti-Spam 3.0 Data: Message Size Operation: less than Parameter: 500000 Action: external filter Parameters: kas-cgpro Specific features of using kas-cgpro with Communigate Pro: • During an SMTP session, the kas-cgpro client module cannot reject an incoming message for which the reject this message action is specified. Instead, Communigate Pro sends a bounce message to the sender that the message cannot be delivered to the recipient.
Chapter 6 A.3.1. Main configuration file filter.conf The configuration file /usr/local/ap-mailfilter3/etc/filter.conf contains that regulate operation of all Kaspersky Anti-Spam components (excluding the updating module). General settings RootPath – path to the Kaspersky Anti-Spam installation directory. The default value is /usr/local/ap-mailfilter3.
Kaspersky Anti-Spam 3.0 ServerSpareFilters – minimum number of idle filtering processes (not processing messages). If the number of processes exceeds the specified limit, the idle processes are forcedly ended. The default value is 0. The ServerSpareFilters value must not exceed the ServerMaxFilters parameter. Settings of filtering processes FilterMaxMessages=10...1000 – maximum number of messages that can be processed by a filtering process.
Chapter 6 103 FilterLicenseDataTimeout=1..10 – timeout (in seconds) for read / write operations for the interaction socket used by the filtering process and the licensing module. The default value is 1. FilterSPFDataTimeout=1..10 – timeout (in seconds) for read / write operations for the interaction socket used by the filtering process with the SPF daemon. The default value is 1. FilterDNSTimeout=1...60 – timeout (in seconds) for performing all possible checks using DNS. The default value is 10.
Kaspersky Anti-Spam 3.0 LicenseMaxConnections=10...300 – maximum number of simultaneous connections with the licensing module. The default value is 200. LicenseIdleTimeout=1...100 – maximum time (in seconds), during which the licensing module can maintain connection with an idle filtering process that sends no data. After this timeout is over and if no requests are received from the filtering process, the connection is terminated. The default value is 30. LicenseDataTimeout=1...
Chapter 6 ClientOnError – method of handling errors (unable to connect to the filtering module, the timeout for exchanging data is exceeded, etc.). Possible values: • reject – reject the message and return the 5xx code during an SMTP session; • tempfail – temporarily reject the message and return the 4xx code during an SMTP session (used by default); • accept – accept the message. ClientDefaultDomain – name of the mail domain substituted into the address in which no domain is specified.
Kaspersky Anti-Spam 3.0 A.3.2. Configuration file kas-thttpd.conf The kas-thttpd.conf configuration file located at /usr/local/ap-mailfilter3/etc/ contains settings of the HTTP server that provides a web interface of the main Kaspersky Anti-Spam configuration tool – the Management Center. This file has the following options: user – the rights of this user are used to run Management Center scripts.
Chapter 6 • username – name of the user–owner of the password. • –с – option that specifies that it is necessary to create a new file with passwords. If the value for this option is not set, the password_file option should be set to an existing file. • –h – outputs to the console information about the utility. A.4.2. kas-show-license The kas-show-license utility started from the command line displays information about installed license key files on the screen.
Kaspersky Anti-Spam 3.0 –V – instruction to use the specified level of details for the messages output to the console. Possible values: 1...10. –l – instruction to use higher level of details for messages added to system log in comparison with the default level. –L – instruction to use the specified level of details for the messages added to system log. Possible values: 1...10. –c – redefines the path to the filter.conf configuration file.
Chapter 6 109 –c redefines the path to the filter.conf configuration file. If filter.conf is located in a directory other than the default, specify a complete path to the filter.conf file as a value for the configuration_file parameter; –k < – redefines the path to the kas-conf script, which reads Kaspersky Anti-Spam configuration.
Kaspersky Anti-Spam 3.0 –V – instruction to use the specified level of details for the messages output to the console. Possible values: 1...10. –l – instruction to use higher level of details for messages added to system log in comparison with the default level. –L – instruction to use the specified level of details for the messages added to system log. Possible values: 1...10. –c redefines the path to the filter.conf configuration file. If filter.
Chapter 6 111 When the utility is started without command line options, error messages, warnings, and messages about successfully completed operations are displayed. A.4.7. sfmonitoring The sfmonitoring utility monitors the state of Kaspersky Anti-Spam components. If any errors are found, it outputs the corresponding information to the console.
Kaspersky Anti-Spam 3.0 default, specify a complete path to the filter.conf file as a value for the configuration_file parameter. • –f – forces compiling a configuration. If this option is not specified, the configuration is compiled only if the updates for the content filtering database were downloaded. • –k – redefines the path to the kas-conf script, which reads Kaspersky Anti-Spam configuration.
Chapter 6 this version, it is used for compatibility purposes. The table below lists possible values of the headers. Header X-SpamtestStatus X-SpamtestStatus-Extended • Meaning Description Trusted The sender of this message is in the white list of senders or mail anti-spam scanning is disabled for the recipient in group policy. SPAM Message is classified as spam. Probable Spam Message is classified as probably spam. Not detected Message is not classified either as spam or probably spam.
Kaspersky Anti-Spam 3.0 • X-Spamtest-Obscene – header added to messages that contain obscene phrases. • X-SpamTest-Formal – header added to a message that was classified as Formal. • X-Spamtest-Rate – header containing a rate assigned to the message during processing. Kaspersky Anti-Spam uses this value to assign a status to this email message. • X-Spamtest-Group-ID – header that contains the identifier of the group whose rules were used to process this message.
Chapter 6 Meaning Method UDS BL Filtering using UDS. It combines heuristic and black lists check. SURBL Filtering using SURBL service. Content Filtering of message content. probable "Probable spam" method. detection disabled Anti-spam mail scanning is disabled for the recipient in group policy. multiple Several methods were used to assign the status. None No one of these methods allows to classify the message. Such messages receive the Not detected status. A.6.
Kaspersky Anti-Spam 3.0 Recommended startup frequency: every five minutes. • Script for handling filtering logs and updating the statistics. This script collects statistic data about the number of processed messages from Kaspersky Anti-Spam logs and handles filtering server logs to display messages through the interface of the Control Center. Startup command: /usr/local/ap-mailfilter3/control/bin/dologs.sh –q Recommended startup frequency: once a minute. • Script for updating statistic diagrams.
Chapter 6 117 In addition to configuring the above scripts, the following actions are highly recommended: • Specify the path to the directory in which the above-listed scripts will be executed as the value of the HOME variable. The recommended path is /usr/local/ap-mailfilter3/run. • Add a list of paths to the main system utilities, including the sendmail2 utility, as the value of the PATH variable.
APPENDIX B. HOW TO SEND SPAM MESSAGES TO SPAM ANALYSTS Kaspersky Lab thanks all users who send new examples of spam messages to the group of our spam analysts. These spam messages help us respond faster to new methods of spam distribution and block them as early as they appear. You can also send us examples of messages that were erroneously recognized as spam. These messages will be thoroughly analyzed by the experts of our linguistic laboratory.
Appendix B 2. 3. To forward spam using The Bat! Mail client, do the following: • If you want to manually forward a message, select one or several spam messages and click Alternative Forward. This command is located in the Specials menu on the toolbar. • To configure automatic forwarding of spam messages, set up sorting rules in the message handler as follows: o Clear the Do not send attachments check box. o Select the Use MIME standard check box.
APPENDIX C. KASPERSKY LAB Founded in 1997, Kaspersky Lab has become a recognized leader in information security technologies. It produces a wide range of data security software and delivers high-performance, comprehensive solutions to protect computers and networks against all types of malicious programs, unsolicited and unwanted email messages, and hacker attacks. Kaspersky Lab is an international company.
Appendix C 121 A.7. Other Kaspersky Lab Products Kaspersky Anti-Virus® Personal ® Kaspersky Anti-Virus Personal has been designed to provide anti-virus protection to personal computers running Microsoft Windows 98/ME or Microsoft Windows 2000/NT/XP against all known viruses, including potentially dangerous software. Kaspersky Anti-Virus Personal provides real-time monitoring of all sources of virus intrusion - e-mail, Internet, floppy disks, CD, etc.
Kaspersky Anti-Spam 3.0 unique second-generation heuristic analyzer efficiently detects unknown viruses. A simple and convenient interface allows users to configure the program quickly making work with it easier than ever. Kaspersky Anti-Virus® Personal Pro has the following features: • On-demand scan of local disks. • Real-time automatic protection of all accessed files from viruses.
Appendix C 123 Kaspersky® Personal Security Suite Kaspersky® Personal Security Suite is a software suite designed for organizing comprehensive protection of personal computers running Microsoft Windows. The suite prevents malicious and potentially dangerous programs from penetrating through any possible data sources and protects you from unauthorized attempts to access your computer’s data, as well as blocking spam.
Kaspersky Anti-Spam 3.0 • Select standard/extended anti-virus databases for scanning. • Save a report on the scanning results in txt or html formats. ® Kaspersky OnLine Scanner Pro The program is a subscription service offered to the visitors of Kaspersky Lab's corporate website. The service allows an efficient online anti-virus scan of your computer and disinfection of dangerous files. Kaspersky OnLine Scanner Pro ® runs within your web browser using Microsoft ActiveX technology.
Appendix C 125 • Blocking of dangerous VBA macros in Microsoft Office documents. • System restoration after malicious spyware influence accomplished due to recording of all changes in the registry and computer file system and an opportunity to perform their roll-back at user's discretion. Kaspersky® Internet Security 6.0 ® Kaspersky Internet Security 6.0 is an integrated solution for protection of personal computers against the main information-related threats, i.e. viruses, hackers, spam and spyware.
Kaspersky Anti-Spam 3.0 The program employs complex approach to anti-spam filtering of incoming e-mail messages: • Verification against black and white lists of recipients (including addresses of phishing sites). • Inspection of phrases in message body. • Analysis of message text using a self-learning algorithm. • Recognition of spam sent in image files.
Appendix C 127 The Kaspersky Anti-Virus® Business Optimal distribution kit includes Kaspersky® Administration Kit, a unique tool for automated deployment and administration. You are free to choose from any of these anti-virus applications, according to the operating systems and applications you use. ® Kaspersky Corporate Suite This package provides corporate networks of any size and complexity with comprehensive, scalable anti-virus protection.
Kaspersky Anti-Spam 3.0 coming from servers entered in these lists as sources distributing unwanted email (spam). ® Kaspersky Security for Microsoft Exchange 2003 Kaspersky Security for Microsoft Exchange performs anti-virus processing of incoming and outgoing mail messages as well as messages stored at the server, including letters in public folders and filters out unsolicited correspondence using "smart" spam recognition techniques in combination with Microsoft technologies.
APPENDIX D. THIRD PARTY SOFTWARE In the process of development of Kaspersky Anti-Spam 3.0, the following third party software was used: Berkeley DB 1.85 library can be used on the following terms and conditions: Copyright (c) 1990, 1993, 1994 The Regents of the University of California. All rights reserved. This code is derived from software contributed to Berkeley by Margo Seltzer.
Kaspersky Anti-Spam 3.0 libjpeg 6b library can be used on the following terms and conditions: LEGAL ISSUES ============ In plain English: 1. We don't promise that this software works. (But if you find any bugs, please let us know!) 2. You can use this software for whatever you want. You don't have to pay us. 3. You may not pretend that you wrote this software. If you use it in a program, you must acknowledge somewhere in your documentation that you've used the IJG code.
Appendix D 131 We specifically permit and encourage the use of this software as the basis of commercial products, provided that all warranty or liability claims are assumed by the product vendor. ansi2knr.c is included in this distribution by permission of L. Peter Deutsch, sole proprietor of its copyright holder, Aladdin Enterprises of Menlo Park, CA. ansi2knr.
Kaspersky Anti-Spam 3.0 and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
Appendix D 133 All rights reserved. 1. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 2. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 3.
Kaspersky Anti-Spam 3.0 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Appendix D 135 THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Kaspersky Anti-Spam 3.0 SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Appendix D Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2.
Kaspersky Anti-Spam 3.0 Copyright (c) 1996-1999 Silicon Graphics Computer Systems, Inc. Copyright (c) 1997 Moscow Center for SPARC Technology Copyright (c) 1999, 2000, 2001, 2002 Boris Fomitchev This material is provided "as is", with absolutely no warranty expressed or implied. Any use is at your own risk. Permission to use or copy this software for any purpose is hereby granted without fee, provided the above notices are retained on all copies.
Appendix D paragraph 6 below, in the documentation and/or other materials provided with the distribution. For the purposes of binary distribution the "Copyright Notice" refers to the following language: "Copyright (c) 1998-2004 Sendmail, Inc. All rights reserved." 4. Neither the name of Sendmail, Inc. nor the University of California nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission.
Kaspersky Anti-Spam 3.0 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. OpenSSL library can be used on the following terms and conditions: LICENSE ISSUES ============== The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses.
Appendix D FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Kaspersky Anti-Spam 3.0 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: "This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)" The word 'cryptographic' can be left out if the rouines from the library being used are not cryptographic related :-). 4.
Appendix D 143 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
APPENDIX E. LICENSE AGREEMENT End User License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT") FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY KASPERSKY LAB ("KASPERSKY LAB"). IF YOU HAVE PURCHASED THIS SOFTWARE VIA THE INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE LEGAL ENTITY) CONSENT TO BE BOUND BY AND BECOME PARTY TO THIS AGREEMENT.
Appendix E 145 PRODUCT. IN THIS CASE, KASPERSKY LAB WILL NOT BE HELD BY THE PARTNER'S CLAUSES. THE RIGHT TO RETURN AND REFUND EXTENDS ONLY TO THE ORIGINAL PURCHASER. All references to "Software" herein shall be deemed to include the software activation key ("Key Identification File") with which you will be provided by Kaspersky Lab as part of the Software. 1. License Grant.
Kaspersky Anti-Spam 3.0 1.1.4 You shall not make error corrections to, or otherwise modify, adapt, or translate the Software, nor create derivative works of the Software, nor permit any third party to copy the Software (other than as expressly permitted herein). 1.1.5 You shall not rent, lease or lend the Software to any other person, nor transfer or sub-license your license rights to any other person. 1.1.
Appendix E 147 may terminate this Agreement at any point by destroying all copies of the Software and the Documentation. 3. Support.
Kaspersky Anti-Spam 3.0 (i) Kaspersky Lab warrants that for six (6) months from first download or installation the Software purchased on a physical medium will perform substantially in accordance with the functionality described in the Documentation when operated properly and in the manner specified in the Documentation. (ii) You accept all responsibility for the selection of this Software to meet your requirements.
Appendix E 149 (e) Loss of business; (f) Loss of opportunity; (g) Loss of goodwill; (h) Loss of reputation; (i) Loss of, damage to or corruption of data, or: (j) Any indirect or consequential loss or damage howsoever caused (including, for the avoidance of doubt, where such loss or damage is of the type specified in paragraphs (ii), (a) to (ii), (i).
