SMTP Sender, Recipient, or Connection Filters are not engaged.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18695	EMG2-272 Exch2K3	SV-20330r1_rule	ECSC-1	Low

Description
E-mail system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning reduces the risk that system or network congestion will contribute to availability impacts. Filters that govern inbound E-mail evaluation can significantly reduce SPAM, PHISHING, and SPOOFED E-mails. Messages from blank senders, known SPAMMERS, or 0-day attack modifications must be enabled to be effective. Even if filtering is not being performed on the Exchange servers, there is no adverse effect from having them enabled (even if no configuration exist for the filter itself). It may prevent accidental omission in the event that a filter is configured in the future. If one of the filters does have configuration values, failure to enable the filter will result in no action taken. This setting should always be enabled.

Description

E-mail system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning reduces the risk that system or network congestion will contribute to availability impacts. Filters that govern inbound E-mail evaluation can significantly reduce SPAM, PHISHING, and SPOOFED E-mails. Messages from blank senders, known SPAMMERS, or 0-day attack modifications must be enabled to be effective. Even if filtering is not being performed on the Exchange servers, there is no adverse effect from having them enabled (even if no configuration exist for the filter itself). It may prevent accidental omission in the event that a filter is configured in the future. If one of the filters does have configuration values, failure to enable the filter will result in no action taken. This setting should always be enabled.

STIG	Date
Microsoft Exchange Server 2003	2014-08-19

Details

Check Text ( C-22413r1_chk )
Verify that Exchange Filters are enabled. Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> General tab >> Advanced >> Edit The “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkbox should be selected. Criteria: If “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkboxes are selected, this is not a finding.

Check Text ( C-22413r1_chk )

Verify that Exchange Filters are enabled.

Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> General tab >> Advanced >> Edit

The “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkbox should be selected.

Criteria:
If “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkboxes are selected, this is not a finding.

Fix Text (F-19341r1_fix)
Enable the Sender, Recipient, and Connection Filters. Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> General tab >> Advanced >> Edit Select checkboxes for “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter”.