UCF STIG Viewer Logo

A web server must limit e-mail to outbound only.


Overview

Finding ID Version Rule ID IA Controls Severity
V-2261 WG330 IIS7 SV-32639r2_rule Medium
Description
Incoming e-mails have been known to provide hackers with access to servers. Disabling the incoming mail service prevents this type of attacks. Additionally, e-mail is a specialized application requiring the dedication of server resources. A production web server should only provide hosting services for web-sites. Supporting mail services on a web server opens the server to the risk of abuse as an e-mail relay.
STIG Date
IIS 7.0 WEB SERVER STIG 2017-12-21

Details

Check Text ( C-33495r1_chk )
1. Open the Task Manager.
2. Click the Services tab and look for SMTP service. If the service is running, then this is a finding.
3. Open Add/Remove Programs to see if there are any e-mail programs installed. Search the system to determine if other e-mail programs are running. If there is an e-mail program installed and that program has been configured to accept inbound e-mail, this is a finding.
4. If available, telnet to the server under review on port 25. If a response is received, this is a finding.
Fix Text (F-29194r1_fix)
1. Disable the SMTP service.
2. If other e-mail programs are running remove the programs.