Kaspersky has announced a major update to Kaspersky Security for Mail Server (KSMS), introducing a new advanced license – KSMS Plus – and delivering expanded capabilities designed to help organizations stay ahead of increasingly sophisticated email threats.
According to the Kaspersky Spam and phishing report 2025, last year, almost 45% of all emails sent worldwide were spam. Email continues to serve as a primary entry point for cyberattacks, from targeted phishing campaigns to complex attacks using malware hidden in encrypted attachments. Therefore, organizations now require deeper visibility, stronger prevention mechanisms, and streamlined investigation workflows. The latest evolution of Kaspersky Security for Mail Server addresses these demands with enhanced protection technologies and improved operational efficiency.
KSMS Plus: deeper protection against advanced threats
The updated solution is now available in two licensing tiers: KSMS and KSMS Plus. While KSMS continues to deliver multi-layered protection against spam, phishing, and malware, KSMS Plus extends these capabilities with advanced technologies tailored for mature organizations facing complex and targeted threats.
Among the key additions in KSMS Plus is Content Disarm and Reconstruction (CDR), which neutralizes potentially malicious elements in emails and attachments before safely reconstructing clean versions for delivery. This ensures business continuity while minimizing risk, allowing employees to access necessary information without exposing infrastructure to hidden payloads.
KSMS Plus also introduces scanning of password-protected archives delivered via email, even if the password is not in the same email. In this case the user enters the archive password on a dedicated web portal in KSMS interface, triggering automated analysis with KSMS detection technologies and the KATA Sandbox. Once the scan is complete, the verified attachment is delivered to the mailbox safely or blocked if it is malicious – all without requiring involvement from IT or security teams.
Enhanced visibility and investigation efficiency
Beyond advanced protection, the new version significantly improves operational transparency for security teams. Administrators can now search and filter mail logs directly within the web interface, eliminating the need for command-line access and accelerating incident analysis.
Integration with Kaspersky Anti Targeted Attack (KATA) has also been enhanced. When suspicious emails are submitted for sandbox analysis, the resulting alerts in KATA now include detailed information about actions taken by KSMS – whether an email was blocked, quarantined, or delivered. This unified visibility reduces investigation time and improves decision-making during incident response.
To address the growing use of QR codes in phishing campaigns, the platform now allows administrators to activate comprehensive QR code scanning directly from the web interface. The detection engine analyzes QR codes embedded in email bodies and attachments – including black and white, colored, angled, blurry, and even branded variations – closing a rapidly expanding attack vector.
Built for flexibility and control
The updated version also introduces built-in load balancing capabilities within the web interface – no separate load balancer in the customer infrastructure is required, which simplifies deployment and infrastructure setup. In addition, now emails are automatically rescanned by KSMS before being released from quarantine using the latest rules and updates, ensuring that no current threats are missed.
Sender authentication controls have been further strengthened with a more flexible rule builder for SPF, DKIM, and DMARC processing. Predefined best-practice configurations help organizations enforce stronger authentication policies while maintaining adaptability to their unique environments.
Alexander Rumyantsev, Senior Product Manager, Cloud & Network Security at Kaspersky, said: “Attackers are increasingly leveraging evasive techniques such as encrypted archives, QR-based lures, and socially engineered delivery chains to bypass traditional email defenses. With the introduction of KSMS Plus, we help identify complex threats and address the need for advanced email security, which can be relevant for mature enterprise companies. By combining content neutralization, sandbox-based behavioral analysis, and tighter cross-product visibility, we enable security teams to reduce uncertainty, accelerate response, and strengthen control over one of the most complex and exploited layers of the corporate attack surface – email.”
For more information about Kaspersky Security for Mail Server, please follow the link.
