
A public web server will limit e-mail to outbound only.


Overview

Finding ID: V-2261
Version: WG330
Rule ID: SV-2261r1_rule
IA Controls:
Severity: Medium
Description
Incoming e-mails have been known to provide hackers with access to servers. Disabling the incoming mail service prevents this type of attack. Additionally, e-mail is a specialized application that requires the dedication of server resources. A production web server should only provide hosting services for web sites. Supporting mail services on a web server opens the server to the risk of abuse as an e-mail relay.
STIG: IIS 7.0 Server STIG
Date: 2019-03-22

Details

Check Text (C-29976r2_chk)
1. Right-click the Task Bar and select Task Manager.
2. Click the Services tab and look for the SMTP service. If the service is running, this is a finding.

Search the system to determine if other email programs are running. If available, telnet to the server under review on port 25; if a response is received then this is a finding.
Fix Text (F-26834r1_fix)
1. Disable the SMTP service.
2. If other email programs are running, remove the programs.
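
The check above and fix step 1 can be scripted. The following PowerShell is an added example, not part of the STIG text; it assumes the IIS SMTP service is registered under the service name SMTPSVC, and the parameter names and function names are illustrative.

```powershell
# Added example: run on the server under review (service query is local).
# Assumption: the IIS SMTP service name is SMTPSVC.
param(
    [string]$Target = 'localhost',   # host to probe on port 25 (illustrative)
    [switch]$Remediate               # also apply fix step 1 when set
)

function Test-SmtpService {
    # Finding if the SMTP service exists and is running.
    $svc = Get-Service -Name 'SMTPSVC' -ErrorAction SilentlyContinue
    return [bool]($svc -and $svc.Status -eq 'Running')
}

function Test-SmtpPort {
    param([string]$ComputerName, [int]$Port = 25, [int]$TimeoutMs = 3000)
    # Finding if anything answers on TCP 25, whichever program owns the port.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $client.Connected
    } catch {
        return $false   # refused or unreachable: no listener
    } finally {
        $client.Close()
    }
}

$serviceFinding = Test-SmtpService
$portFinding    = Test-SmtpPort -ComputerName $Target

if ($serviceFinding) { Write-Output 'FINDING: SMTPSVC is running.' }
if ($portFinding)    { Write-Output "FINDING: $Target answers on TCP port 25." }
if (-not ($serviceFinding -or $portFinding)) {
    Write-Output 'No SMTP service or port 25 listener detected.'
}

if ($Remediate -and $serviceFinding) {
    # Fix step 1: stop the service and keep it from starting again.
    Stop-Service -Name 'SMTPSVC' -Force
    Set-Service  -Name 'SMTPSVC' -StartupType Disabled
}
```

A clean result here covers only the SMTPSVC service and a listener on port 25; the search for other e-mail programs in the check text still has to be done on the system itself.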