UCF STIG Viewer Logo

Exchange servers must have an approved DOD email-aware virus protection software installed.


Finding ID Version Rule ID IA Controls Severity
V-259686 EX19-MB-000134 SV-259686r942372_rule High
With the proliferation of trojans, viruses, and spam attaching themselves to email messages (or attachments), it is necessary to have capable email-aware antivirus (AV) products to scan messages and identify any resident malware. Because email messages and their attachments are formatted to the MIME standard, a flat-file AV scanning engine is not suitable for scanning email message stores. Email-aware antivirus engines must be Exchange 2019 compliant. Competent email scanners will have the ability to scan mail stores, attachments (including zip or other archive files) and mail queues and to issue warnings or alerts if malware is detected. As with other AV products, a necessary feature to include is the ability for automatic updates.
Microsoft Exchange 2019 Mailbox Server Security Technical Implementation Guide 2024-01-10


Check Text ( C-63425r942370_chk )
Review the Email Domain Security Plan (EDSP).

Determine the antivirus strategy.

Verify the email-aware antivirus scanner product is Exchange 2019 compatible and DOD approved.

If email servers are using an email-aware antivirus scanner product that is not DOD approved and Exchange 2019 compatible, this is a finding.
Fix Text (F-63333r942371_fix)
Update the EDSP to specify the organization's antivirus strategy.

Install and configure a DOD-approved compatible Exchange 2019 email-aware antivirus scanner product.