Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-18695 | EMG2-272 Exch2K3 | SV-20330r1_rule | ECSC-1 | Low |
Description |
---|
E-mail system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning reduces the risk that system or network congestion will contribute to availability impacts. Filters that govern inbound E-mail evaluation can significantly reduce SPAM, PHISHING, and SPOOFED E-mails. Messages from blank senders, known SPAMMERS, or 0-day attack modifications must be enabled to be effective. Even if filtering is not being performed on the Exchange servers, there is no adverse effect from having them enabled (even if no configuration exist for the filter itself). It may prevent accidental omission in the event that a filter is configured in the future. If one of the filters does have configuration values, failure to enable the filter will result in no action taken. This setting should always be enabled. |
STIG | Date |
---|---|
Microsoft Exchange Server 2003 | 2014-08-19 |
Check Text ( C-22413r1_chk ) |
---|
Verify that Exchange Filters are enabled. Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> General tab >> Advanced >> Edit The “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkbox should be selected. Criteria: If “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter” checkboxes are selected, this is not a finding. |
Fix Text (F-19341r1_fix) |
---|
Enable the Sender, Recipient, and Connection Filters. Procedure: Exchange System Manager >> administrative groups >> [administrative group] >> Servers >> [Server] >> Protocols >> SMTP >> [specific SMTP server] >> properties >> General tab >> Advanced >> Edit Select checkboxes for “Apply Sender Filter” “Apply Recipient Filter” and “Apply Connection Filter”. |