UCF STIG Viewer Logo

SI-8 SPAM PROTECTION


Overview

Number Title Impact Priority Subject Area
SI-8 Spam Protection MODERATE P2 System And Information Integrity

Instructions
The organization:
SI-8a.
Employs spam protection mechanisms at information system entry and exit points to detect and take action on unsolicited messages; and
SI-8b.
Updates spam protection mechanisms when new releases are available in accordance with organizational configuration management policy and procedures.
Guidance
Information system entry and exit points include, for example, firewalls, electronic mail servers, web servers, proxy servers, remote-access servers, workstations, mobile devices, and notebook/laptop computers. Spam can be transported by different means including, for example, electronic mail, electronic mail attachments, and web accesses. Spam protection mechanisms include, for example, signature definitions.

Enhancements
SI-8 (1) Central Management MODERATE
Central management is the organization-wide management and implementation of spam protection mechanisms. Central management includes planning, implementing, assessing, authorizing, and monitoring the organization-defined, centrally managed spam protection security controls.

The organization centrally manages spam protection mechanisms.

SI-8 (2) Automatic Updates MODERATE

The information system automatically updates spam protection mechanisms.

SI-8 (3) Continuous Learning Capability
Learning mechanisms include, for example, Bayesian filters that respond to user inputs identifying specific traffic as spam or legitimate by updating algorithm parameters and thereby more accurately separating types of traffic.

The information system implements spam protection mechanisms with a learning capability to more effectively identify legitimate communications traffic.