Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Receive Connectors must control the message count per inbound session.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| Exch-HB-208 | Exch-HB-208 | Exch-HB-208_rule | Low |
| Description |
|---|
| Email system availability depends in part on best practices strategies for setting tuning configurations. This setting controls the maximum number of messages allowed in a single SMTP session by breaking large numbers of messages into multiple sessions. Failure to control message counts as they arrive adds risk that a sending domain could monopolize email resources by not controlling message counts per session as inbound messages arrive. Microsoft best practice recommends setting this to a value of 300. |
| STIG | Date |
|---|---|
| Microsoft Exchange 2010 Hub Transport Server Role | 2012-05-31 |
Details
| Check Text ( C-_chk ) |
|---|
| Obtain the Email Domain Security Plan (EDSP) and locate the "Maximum Recipients per Message" value. Open the Exchange Management Shell and enter the following command. Get-ReceiveConnector | Select Name, Identity, MaxRecipientsPerMessage For each Receive Connector, evaluate the "MaxRecipientsPerMessage" value. If the value of "MaxRecipientsPerMessage" is set to 300, this is not a finding. If the value of "Maximum Recipients per Message" is set to a value other than 300, and has signoff and risk acceptance in the EDSP, this is not a finding. |
| Fix Text (F-_fix) |
|---|
| Open the Exchange Management Shell and enter the following command. Set-ReceiveConnector -Identity <'Server\ReceiveConnector'> -MaxRecipientsPerMessage 300 or other value as identified by the Email Domain Security Plan. |