Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
E-mail SMTP services are using Non-PPSM compliant ports.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18734 | EMG2-105 Exch2K3 | SV-20411r1_rule | DCPP-1 | Medium |
| Description |
|---|
| Standard defined ports and protocols should be used for all Exchange services. The standard port for regular SMTP connections is 25. Changing the ports to non-standard values provides only temporary and limited protection against automated attacks since these attacks will not connect to the custom port. A determined attacker may still be able to determine which ports are used for the SMTP by performing a comprehensive port scan Negative impacts of using non-standard ports include complexity for the system administrator, custom configurations for connecting clients, risk of port conflict with non-exchange applications, and risk of incompatibility with standard port monitoring applications. |
| STIG | Date |
|---|---|
| Microsoft Exchange Server 2003 | 2014-08-19 |
Details
| Check Text ( C-22455r1_chk ) |
|---|
| Verify that SMTP services are deployed on compliant ports and protocols. Procedure: Exchange system manager >> administrative groups >> [administrative groups]>>Servers >> [server]>>Protocols >> SMTP >> [specific SMTP server] >> Properties >> Delivery Tab >> Outbound connections button >> TCP Port For SMTP, port 25 should be entered. Criteria: If 25 is entered for the SMTP port, this is not a finding. |
| Fix Text (F-19383r1_fix) |
|---|
| Enter the SMTP compliant ports. Procedure: Exchange system manager >> administrative groups >> [administrative groups]>>Servers >> [server]>>Protocols >> SMTP >> [specific SMTP server] >> Properties >> Delivery Tab >> Outbound Connections button >> TCP Port For SMTP, enter 25. |