23:10, 30 March 2026

RuPost Mail Server Integrated With SearchInform SIEM System

The update enables centralized monitoring and stronger email security controls

Russian developer SearchInform has added support for the domestic mail server RuPost to its SIEM platform.

RuPost is a corporate email system developed by Astra Group and widely adopted by Russian companies transitioning to domestic software. SearchInform SIEM can now receive and process data on key events from the mail server.

Full Visibility

The system logs when employees log in and out of mailboxes, send and receive emails, and modify group policies, roles, and filters. Special focus is placed on privileged accounts, with SIEM tracking administrator actions and detecting attempts to guess mailbox passwords.

The new connector is already available to users and comes with a set of preconfigured correlation rules to help identify suspicious activity more quickly.

Long-Standing Demand

Mikhail Zarembo, head of product expertise at RuPost, said demand for such integration had been building for some time.

“Switching to domestic software should not mean losing control or familiar monitoring tools. We have seen consistent demand from customers for seamless integration between RuPost and information security systems. Through close collaboration with SearchInform, we have delivered full compatibility between the mail system and SIEM. Companies can now centrally monitor their email infrastructure without assembling components themselves. This is an important step toward building a trusted software ecosystem where components not only work together but integrate effectively with security systems,” Zarembo said.

Security Comes First

Mail servers store large volumes of sensitive data, and maintaining oversight becomes a key challenge when companies transition to domestic software.

“Mail servers are one of the primary repositories of sensitive data in any organization. With the shift to domestic software, security teams must not only deploy new systems but also maintain the same level of control. Email infrastructure faces risks from both external attacks and insider threats. Integration with SIEM helps manage these risks. For example, if someone attempts to reconfigure the mail server to access private correspondence, SearchInform SIEM will detect suspicious activity and alert the security team,” said Pavel Pugach, system analyst at SearchInform.

Cybersecurity