Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Message Recipient Count Limit is not limited on the SMTP virtual server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18670 | EMG2-107 Exch2K3 | SV-20284r1_rule | ECSC-1 | Medium |
| Description |
|---|
| E-Mail system availability depends in part on best practices strategies for setting tuning configurations. Global Message Recipient Limits determine the total number of recipients that can be addressed on a single message. At the virtual server level, this field is set to a limited size, and is used to control the maximum number of recipients who will receive a copy of this message at one time. It is intended to improve efficiency by forcing messages sent to a greater number of recipients to be sent out in multiple messages. |
| STIG | Date |
|---|---|
| Microsoft Exchange Server 2003 | 2014-08-19 |
Details
| Check Text ( C-22389r1_chk ) |
|---|
| Verify the SMTP Virtual Server Recipient Count Limit. Procedure: Exchange System Manager >> Administrative Groups >> [administrator group] >> Servers >> [server] >> Protocols >> SMPT >> [specific SMPT server] >> Properties >>Messages Tab The “Limit number of recipients per message” should be is set to a numeric value of 64000 (default) or less. Criteria: If “Limit number of recipients per message” is set to a numeric value of 64000 (default) or less, and the System Security Plan documentation has a documented reason, this is not a finding. |
| Fix Text (F-19317r1_fix) |
|---|
| Set the SMTP Virtual Server Message Recipient Count limit.. Procedure: Exchange System Manager >> Administrative Groups >> [administrator group] >> Servers >> [server] >> Protocols >> SMTP >> [specific SMTP server] >> Properties >>Messages Tab Select “Limit number of recipients per message" to 64000. |